www.34st.com Open in urlscan Pro
34.205.226.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.34st.com/
Effective URL:
https://www.34st.com/
Submission: On July 30 via manual (July 30th 2021, 8:17:46 am UTC) from US

Summary HTTP 134 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 33 IPs in 4 countries across 24 domains to perform 134 HTTP transactions. The main IP is 34.205.226.13, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.34st.com.
TLS certificate: Issued by R3 on June 28th 2021. Valid for: 3 months.

This is the only time www.34st.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	34.205.226.13 34.205.226.13	14618 (AMAZON-AES) (AMAZON-AES)
5	13.224.89.51 13.224.89.51	16509 (AMAZON-02) (AMAZON-02)
9	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:3::622 2a04:4e42:3::622	54113 (FASTLY) (FASTLY)
11	2a04:4e42:3::720 2a04:4e42:3::720	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
10	52.6.83.111 52.6.83.111	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
1	67.225.220.126 67.225.220.126	32244 (LIQUIDWEB) (LIQUIDWEB)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
13	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	34.193.255.24 34.193.255.24	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28d::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2 4	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
2	23.111.9.57 23.111.9.57	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
6	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6812:1cf8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
1	34.102.219.251 34.102.219.251	15169 (GOOGLE) (GOOGLE)
134	33

4 34.205.226.13 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-226-13.compute-1.amazonaws.com

www.34st.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.89.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-51.zrh50.r.cloudfront.net

d8es5520nmizf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::622 (United States)

ASN54113 (FASTLY, US)

image.issuu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)

snworksceo.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.6.83.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-83-111.compute-1.amazonaws.com

thedp.friends2follow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.friends2follow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-web-services-dp.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.225.220.126 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.rtb123.com

www.rtb123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.255.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-255-24.compute-1.amazonaws.com

antifraudjs.friends2follow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28d::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.50 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.57 (United States)

ASN33438 (HIGHWINDS2, US)

twemoji.maxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1cf8 (United States)

ASN13335 (CLOUDFLARENET, US)

storage.bannernow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icv.bannernow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.219.251 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 251.219.102.34.bc.googleusercontent.com

stats.bannernow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com 2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	530 KB
14	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	155 KB
11	friends2follow.com thedp.friends2follow.com tracking.friends2follow.com antifraudjs.friends2follow.com	147 KB
11	imgix.net snworksceo.imgix.net	372 KB
10	typekit.net use.typekit.net p.typekit.net	361 KB
7	bannernow.com storage.bannernow.com stats.bannernow.com icv.bannernow.com	96 KB
7	googletagservices.com www.googletagservices.com	238 KB
6	ampproject.org cdn.ampproject.org	118 KB
6	google.com apis.google.com www.google.com	532 B
5	gstatic.com fonts.gstatic.com	97 KB
5	cloudfront.net d8es5520nmizf.cloudfront.net	25 KB
4	adnxs.com 2 redirects secure.adnxs.com	4 KB
4	googleapis.com fonts.googleapis.com	2 KB
4	34st.com 1 redirects www.34st.com	13 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
2	maxcdn.com twemoji.maxcdn.com	1 KB
2	facebook.net connect.facebook.net	68 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	2mdn.net s0.2mdn.net	36 KB
1	rtb123.com www.rtb123.com	910 B
1	cloudfunctions.net us-central1-web-services-dp.cloudfunctions.net	2 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	issuu.com image.issuu.com	26 KB
1	cloudflare.com cdnjs.cloudflare.com	2 KB
134	24

	Domain	Requested by
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.34st.com 2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com tpc.googlesyndication.com
13	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.34st.com
11	snworksceo.imgix.net	www.34st.com
9	use.typekit.net	www.34st.com
8	thedp.friends2follow.com	www.34st.com thedp.friends2follow.com
7	www.googletagservices.com	www.34st.com securepubads.g.doubleclick.net 2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.google.com	securepubads.g.doubleclick.net 2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com tpc.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
5	d8es5520nmizf.cloudfront.net	www.34st.com
4	storage.bannernow.com	2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com storage.bannernow.com
4	secure.adnxs.com	2 redirects www.34st.com
4	fonts.googleapis.com	thedp.friends2follow.com storage.bannernow.com
4	www.34st.com	1 redirects www.34st.com
2	icv.bannernow.com
2	platform.twitter.com	www.34st.com platform.twitter.com
2	2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	twemoji.maxcdn.com	thedp.friends2follow.com
2	tracking.friends2follow.com	thedp.friends2follow.com
2	connect.facebook.net	www.34st.com connect.facebook.net
2	www.google-analytics.com	www.34st.com www.google-analytics.com
1	stats.bannernow.com	storage.bannernow.com
1	s0.2mdn.net	storage.bannernow.com
1	syndication.twitter.com	platform.twitter.com
1	apis.google.com	thedp.friends2follow.com
1	p.typekit.net	www.34st.com
1	antifraudjs.friends2follow.com	thedp.friends2follow.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.rtb123.com	www.34st.com
1	us-central1-web-services-dp.cloudfunctions.net	d8es5520nmizf.cloudfront.net
1	www.googletagmanager.com	www.34st.com
1	image.issuu.com	www.34st.com
1	cdnjs.cloudflare.com	www.34st.com
134	34

This site contains links to these domains. Also see Links.

Domain
thedp.us2.list-manage.com
issuu.com
www.thedp.com
getsnworks.com

Subject Issuer	Validity	Valid
www.34st.com R3	`2021-06-28` - `2021-09-26`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-03` - `2021-11-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.issuu.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
friends2follow.com Amazon	`2020-12-11` - `2022-01-09`	a year	crt.sh
misc.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.rtb123.com GlobalSign GCC R3 DV TLS CA 2020	`2021-01-09` - `2022-02-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-16` - `2022-07-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
twemoji.maxcdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-10-09` - `2021-11-09`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
stats.bannernow.com GTS CA 1D4	`2021-06-27` - `2021-09-25`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.34st.com/
Frame ID: 569EE485268FCDC3F93FF624E8AE6B94
Requests: 49 HTTP requests in this frame

Frame: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5
Frame ID: 1842FB5D6122714BAA764B6ACBA3B5BD
Requests: 21 HTTP requests in this frame

Frame: https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C9752B74A926FBB95BB174ACF76B253B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0504c5db6e58d499a7ba93c246a8554d.html?origin=https%3A%2F%2Fthedp.friends2follow.com
Frame ID: 97B49AE7B0A1651D6610CECB2733B405
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs
Frame ID: F3E41C0334ECB58A7017F3B91AE11596
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQeqc-kkLXgtao4eYr_fgSAAcIyvnttckj2KvRuZdLshczhDaArCJC6CWpX7WUb1qF8RAlJI4yHZtoTtM910chrIqba2WmaCxUXyrrWnr5yprxWown7wM0velDMyAGyCHOQW6ovw18gIeOLw5_n2W8L3Cq0ZlYYI3Da6a0mtVPZgv78QeWa-IJgvO55GoUXixIt7vLulMg8Zc4HDJzkg18TcEr_WmkDWM72nNcgDPkx95FHDIfyDHY4DRNVtbNNqcvYy89o_XrYnAGJ7-xOm6Wcn44ZsqNCVdo-Zqq4Mxqj637bb95v12yF2BSDQ0&sai=AMfl-YTUimO8xYmcAmsbVprF5vVCJ7jZ-VvTMM39W0kWed9C7LJadiBwEL0LDfu-m-rlXfSbcZfMeJQ6Vu72KhGiMNF4t26zOwQ6WPiqJwoR2CrX5jxZ-BFdoLfMgO2HZrpA&sig=Cg0ArKJSzNNJe0RFXngFEAE&adurl=
Frame ID: 5B58FFBF64BE5BDF7D71BA46F45485C0
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8Lnx0O_Y9DE5tiS1XuOgcIka7A9FJbUkBOHnl9eo5uVRbXI1URN0FJuknZg9WVAbUyp8tCUe5e6zKvxqXVLuOKMa_fKaXIUChQK9VxzeTJBVtqyxGLSg-2Vgv9Hupj-yvWb5oeJ8f63ZXCFrnGzKzf2xQbiIvTxRIO5wflGVPE1z48sT3bs6ebG9MCZLhvJZMh0CHdtAbmtI_Co1vJ1zcJ-QqVZD3SJV6Y4QaOVCodYZ5TgPh_uxeuKggzWr55QdZm7WkyY-slbqrnD_3atm0PdJREiGaOgsqiALBLwtguAWt3AL2ZCuPgya-z7HefV4&sai=AMfl-YQ4dTjPwoGkwqTniFgd2FY7ZFTd-GjJtGbR9mlX6wj485rhNo3LmUrDSmy0T0BBoF5jphL0efIUgVsxIbx2hKVaVCuT92bg-ucQ96Kt_0c3HLNklPpiep3Vn4DLxlOI&sig=Cg0ArKJSzMheI58bDQuvEAE&adurl=
Frame ID: E51998692232A144A7BFE6F090E1AAE7
Requests: 9 HTTP requests in this frame

Frame: https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C46B04403459BEB40BC46E32F3FD6611
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuK1LDTPAxBdujLqUJjqAEDpIGmUKzbpqjA79vMrk7DgMrfpFdjxg5tlKSDPm9bw_yAoghIFrCZbSbyhEelBimnTz3BbmTIZiW3IjLLhibQa_98c1D0MORTGun2Dod9D1SOjQq9s_apABSZ1vY1UighjMcia4647216AC7mlzLMhWdr4TQ2xJIijJPZfYvMq20sQNp3bkryxJztYhqRaayXv21bw8hx0eQ6yQ8b3hpd5yfPHBJqA5zehlVPeYYPm_ABviC_qka8qQGP71yBki1iXsbx1-uGRZzWfUinXkip9G9X18sg7lIRnR-pLcg&sai=AMfl-YQS7_7xAwqqzqCSr8oBnWLh6DOFJJ6jH1Zc5e15Y-5HvAE4syIit_GbB-jyc5XeiTfoAqi5AMqSZ2TNwDBRNii-bYksLulOVgs02v3Zpl47Rp0_vH6B2vRgrGGuElgP&sig=Cg0ArKJSzGVr1k6zo9dfEAE&adurl=
Frame ID: FB21B6B243864D0CD2D398FA93EFD0F6
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQUcd_NYlA90Bba3FK7mR-49oAvjXeSCn-6UMY3bsm7ToQL_Z8SjMJF6TKx7WBmaZrnPfn8a2IcEufgvy5T_kGYd173cWBwou6zBsUS34wTrk6srZsxsi8BuR3el5nfRpPEiIck_dyO7x8tdOS6VBGBbQ7k9v0kWzwLSO2A88mRJDpjMoZCORvzPiYVnW4VDPHVKgWg4rVHBF4sSSt6BXwSIekXmbIcH9pAYv87JbhaOVx-3_zEBAH2keD50CaFxVEdnbhuG8g1EEYV4-CAQbF6RIBFU-CIctM7umFaaPzZcbkEhG-iYux50ZhfisRHGA&sai=AMfl-YQKndOmcvkVdxvWAIj3RyUOqHNCgPCvPsGaExbnTqSusadraSicFuvp_xRU83_q9BKlahlPBYH0nTVxny1Jw-9Ov3NuFjc2MzD9jMHvr1Add9UqEO005TRl9hJFeUsT&sig=Cg0ArKJSzO9d1QPdJufWEAE&adurl=
Frame ID: FF89F82DBEE2341365919945106EA2F8
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 80C428A0E46FDE6C026481A474354EF4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 148EF505D7ABEDF258E635BEE64B6836
Requests: 1 HTTP requests in this frame

Frame: https://storage.bannernow.com/7GgEZ9OMlBJYV5EQ2E5yP0pWvb412Qd6nHnnHoI7mx/index.html
Frame ID: E0D2040129DEDD145667D3AA63F960CA
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.34st.com/ HTTP 301
https://www.34st.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

134
Requests

100 %
HTTPS

69 %
IPv6

24
Domains

34
Subdomains

33
IPs

4
Countries

2484 kB
Transfer

4982 kB
Size

5
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://thedp.us2.list-manage.com/subscribe?u=a96885e3aa3f8131c872ee329&id=370b4800ba
Title: SUBSCRIBE

Search URL Search Domain Scan URL

URL: https://issuu.com/34st/docs/379_dpdt_20210513_1_c-merged__1_
Title:

Search URL Search Domain Scan URL

URL: https://www.thedp.com/advertise
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.thedp.com/page/terms
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.thedp.com/page/donate
Title: Donate

Search URL Search Domain Scan URL

URL: https://www.thedp.com/page/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://getsnworks.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.34st.com/ HTTP 301
https://www.34st.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://secure.adnxs.com/seg?add=9359095&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9359095%26t%3D2

Request Chain 55

https://secure.adnxs.com/seg?add=9396080&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9396080%26t%3D2

134 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.34st.com/
Redirect Chain

http://www.34st.com/
https://www.34st.com/

43 KB
11 KB

1357ms
1139ms

Document
text/html

34.205.226.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.34st.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.205.226.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-226-13.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7484f0ee133dfeafa2b6d3e932401a5bdea284f0e3542f744b815ce470d3bbdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.34st.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Fri, 30 Jul 2021 08:17:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=08j9s3q0pt3up4gl89isca3i17; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-CEO-Verification: 12239ce20b26bfc70f51778a76b83ffb5e7927005a528fc59f9b3e039f87fd3b
X-SNW-Registration: dpn-34s
X-CEO-Enable-Compatibility: true
X-CEO-Cached: false
X-Server: ceofrontend13
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip

Redirect headers

Content-Type: text/html
Date: Fri, 30 Jul 2021 08:17:26 GMT
Location: https://www.34st.com/
Server: nginx
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 178
Connection: keep-alive

GET
H/1.1 200
OK ceo-base.css
www.34st.com/s/ 2 KB
1 KB 122ms
122ms Stylesheet
text/css 34.205.226.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.34st.com/s/ceo-base.css

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.205.226.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-226-13.compute-1.amazonaws.com

Software

nginx /

Resource Hash

84f9c105c3b16ac4a510dae6e1f6271f201c3b17e19968e8a73c9c7cd630b32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.34st.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.34st.com/
Cookie: PHPSESSID=08j9s3q0pt3up4gl89isca3i17
Connection: keep-alive
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-SNW-Registration: dpn-34s
X-CEO-Cache-Control: 420db319621dc3bc3fd2ae8d658989d6
Date: Fri, 30 Jul 2021 08:17:27 GMT
Content-Encoding: gzip
X-CEO-Enable-Compatibility: true
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css;charset=UTF-8
X-CEO-Cached: true
X-XSS-Protection: 1; mode=block
X-CEO-Verification: 6cab815bdf2ebd5187cad8aae2c21ecfa1d295ddb7fdcf268f54b3f4ba940b51
Connection: keep-alive
X-Server: ceofrontend13
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK master.min.css
d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/css/ 74 KB
14 KB 64ms
12ms Stylesheet
text/css 13.224.89.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/css/master.min.css
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-51.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff8c0d0e0bd1c1b1c15235e3629e1eb665f985e90a96bc614f9170575913b98d

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 06:16:59 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 09 Feb 2021 20:40:13 GMT
Server: AmazonS3
Age: 1044029
ETag: W/"dcffbe1a5a7f319898e6fde22ef1f897"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: 8LaLTCYy4YZJBBeQyDYiMqpJ59k9ETvbHz-hnzF2vuc3auyJ3EdZ5w==

GET
H2 200 ziq1fqf.js Show response
use.typekit.net/ 19 KB
7 KB 43ms
13ms Script
text/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ziq1fqf.js

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

40c40da873f020089892a3bc14286faf876b00f841893d51ba07c111db7c295e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Fri, 30 Jul 2021 08:17:27 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7006

GET
H2 200 sharer.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sharer.js/0.3.1/ 5 KB
2 KB 28ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sharer.js/0.3.1/sharer.min.js

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ec0c64f115b1597b9058cb7774e56a240de29ad3cf40e75c2fb2c49fc5338a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8470589
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1375
cf-request-id: 099f33831f00002b95da8d2000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fce-140c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0xmoaLsO2%2FgKVEbkEot4ysFBPAIngIzIy3P9udjXwVqKtubGksKlToWnjsZ57wQqbeSIsuvcaGkyko%2BKxFBAWHGJ9vpUmCO4i%2FvIovN%2Ffor5WUf5MK%2FeIOBylBfj%2BO%2B17PJANcV0XzqUiYxJZbop0GI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 676d2694a89cdfc3-FRA
expires: Wed, 20 Jul 2022 08:17:27 GMT

GET
H/1.1 200
OK master-min.js Show response
d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/js/ 561 B
1 KB 64ms
13ms Script
application/javascript 13.224.89.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/js/master-min.js
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-51.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4592216ca0c1354735c9d85ebc2a90666fc547087f11e1cec9df4f206c5c62e4

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 14:39:09 GMT
Via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 09 Feb 2021 20:40:14 GMT
Server: AmazonS3
Age: 581899
ETag: "58fdf4f82a62dc40ea580a3b0a3e57f6"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=2592000
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 561
X-Amz-Cf-Id: OgtrBl0hcRTzZe0nra8U2Ov5cnX4oe9ZAk8xbVukMUkvAlVVeILpjw==

GET
H/1.1 200
OK 34st-logotype.svg
d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/img/ 4 KB
2 KB 15ms
13ms Image
image/svg+xml 13.224.89.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/img/34st-logotype.svg
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-51.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7cfe91cf9e016980de76d9aae9787b53d95062fb9e5ea9dc5cd1b3e2d471ff20

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 19:18:22 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 09 Feb 2021 20:40:13 GMT
Server: AmazonS3
Age: 565146
ETag: W/"ab8d82c3027cf2edf0995e939d4f417d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: 7VQpEC7c4MX9t0OLQCHn2pYI9Ulq4FX-AiicDSfWt6x5SB0300BX_g==

GET
H2 200 page_1_thumb_large.jpg
image.issuu.com/210512022717-801b91c4feba678a143be47cf3af98ce/jpg/ 26 KB
26 KB 23ms
6ms Image
image/jpeg 2a04:4e42:3::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.issuu.com/210512022717-801b91c4feba678a143be47cf3af98ce/jpg/page_1_thumb_large.jpg
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77da52330e387ed956c4d9a4aab9533d771baf594d71df17acc81ab43c1b36c4

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 1975675
x-cache: HIT, HIT
content-length: 26349
x-amz-id-2: z2l9FnfBx2KqZsj/zoE3TJR1Am6xx4zAw6gE0VPJhL0pwha6LvQnqGIabz0hsJsdgcsajUkIMv8=
x-served-by: cache-bwi5145-BWI, cache-fra19148-FRA
last-modified: Wed, 12 May 2021 02:27:47 GMT
server: AmazonS3
x-timer: S1627633048.864889,VS0,VE1
etag: "502d2d7c767948c7e975aa94714dc6e5"
x-amz-request-id: PGRZZAYSN15KTZE7
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 1, 1

GET
H2 200 81666ebd-7c9c-42fc-80f5-82099735d853.sized-1000x1000.jpg
snworksceo.imgix.net/dpn-34s/ 29 KB
29 KB 24ms
7ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/81666ebd-7c9c-42fc-80f5-82099735d853.sized-1000x1000.jpg?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

d594142c8189dc0b472e4e6a493a5bfb513b5ec6afa4310c1d8296586ebe57ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Jul 2021 19:53:47 GMT
server: imgix
age: 131021
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 3a68855f54b4f4230f2aea4ae838b4ec29a6f482
accept-ranges: bytes
content-length: 29885
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10048-SJC, cache-fra19124-FRA

GET
H2 200 f3e0312f-e24e-405c-91f7-cb4a46fe84e2.sized-1000x1000.JPG
snworksceo.imgix.net/dpn-34s/ 49 KB
49 KB 26ms
8ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/f3e0312f-e24e-405c-91f7-cb4a46fe84e2.sized-1000x1000.JPG?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

45ba8d76da6207979feae30e72441a49ee8565d0bdbc8f8649c0f96290bd57e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Jul 2021 15:59:24 GMT
server: imgix
age: 145083
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 129e9039d23e2ffa2ad150304a1075eb4dfbfd44
accept-ranges: bytes
content-length: 49944
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10066-SJC, cache-fra19124-FRA

GET
H2 200 a710001a-1cec-4254-83fb-1456e01157c8.sized-1000x1000.jpg
snworksceo.imgix.net/dpn-34s/ 30 KB
30 KB 40ms
23ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/a710001a-1cec-4254-83fb-1456e01157c8.sized-1000x1000.jpg?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

df9695b05efd2e91c01ade4372fb2d2c8d44529215835c86e4b3912bceee673e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Jul 2021 08:26:17 GMT
server: imgix
age: 258671
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 037e3878433f714c22501c3bd5356bc8d500726a
accept-ranges: bytes
content-length: 30407
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10051-SJC, cache-fra19124-FRA

GET
H/1.1 200
OK SNWorks.svg
d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/img/ 15 KB
7 KB 24ms
16ms Image
image/svg+xml 13.224.89.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/img/SNWorks.svg
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-51.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7727d977fa39f40c2d319f2aaa6d290f6fda454be7929c3f5370e04ab718292c

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 21:37:55 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 09 Feb 2021 20:40:13 GMT
Server: AmazonS3
Age: 1247973
ETag: W/"edcfd473018d598c56385c11047a6ac0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Via: 1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: 8l-PiEXX-yfGks_JwfdVIK2R0SZqRvrb5yETwAxrbyaf_JwKi_ib-w==

GET
H/1.1 200
OK ads.js Show response
d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/js/ 114 B
623 B 13ms
13ms Script
application/javascript 13.224.89.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/js/ads.js
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-51.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d987eed73fafe2f6d7390243623f3547ddf7489c70f45c7949008bea05fe1b36

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Jul 2021 05:29:12 GMT
Via: 1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 09 Feb 2021 20:40:15 GMT
Server: AmazonS3
Age: 1133295
ETag: "bfd1eee7159e05620e41738fa66dd2b9"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=2592000
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 114
X-Amz-Cf-Id: N7cgYBr4Aia3ZinyuHZWecAK-HsN61IB4Mf5-Hu0FFCKmIHMYzEEPA==

GET
H/1.1 200
OK Cookie set e.js Show response
www.34st.com/b/ 1004 B
1 KB 213ms
163ms Script
text/javascript 34.205.226.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.34st.com/b/e.js

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.205.226.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-226-13.compute-1.amazonaws.com

Software

nginx /

Resource Hash

84aebe8a337f6d94b992a864b9e8fd60d63f1af6776528cb9e9710c75351424b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.34st.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.34st.com/
Cookie: PHPSESSID=08j9s3q0pt3up4gl89isca3i17
Connection: keep-alive
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 08:17:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Set-Cookie: _dpn-34sceoInfo=%2BolUEI2k9VyzgzScvMf%2BY51%2Bwq6Pt9qV6G076qCphBzZ7nMii35LJgBhZhHvinyqfm%2FKlg%3D%3D; expires=Sat, 31-Jul-2021 08:17:27 GMT; Max-Age=86400; path=/; HttpOnly
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 95 KB
38 KB 44ms
23ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TP7BVQ2

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

094aacfa9ba4bc89875aafdfe3b6712f533c28692ceee0ae56de95ae9b3893c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38643
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Jul 2021 08:17:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 3543
date: Fri, 30 Jul 2021 07:18:24 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Fri, 30 Jul 2021 09:18:24 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e0a311aed2b30c3df26f73677b4a58473789659873d95f2ebdc48f6921b1aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: SX2eLNV5nHvkDajMXsgWmw==
cross-origin-resource-policy: cross-origin
expires: Fri, 30 Jul 2021 08:33:53 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: ldupHLqZLoU6hgekBiTxiJgW/1E76yRWdmExOpYtzTBwCOG3yQ4hbExfOdGoJv/zSSsO82BqAo1lJAXtDlkNhg==
x-fb-trip-id: 917726464
x-fb-content-md5: 5b3bab6edecfeae0afe207b397bbf650
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Fri, 30 Jul 2021 08:17:27 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "3a9aa4b61c9a501d9ba02cc566d8742b"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK 5 Show response
thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/ Frame 1842 49 KB
8 KB 442ms
106ms Document
text/html 52.6.83.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.83.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-83-111.compute-1.amazonaws.com

Software

Apache /

Resource Hash

ef7d38f67157f44fbfdc41521b667eebf961b4828bc7c474c61f9120b5e735ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff

Request headers

Host: thedp.friends2follow.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.34st.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.34st.com/

Response headers

Accept-Ranges: bytes
Age: 101
Cache-Control: no-cache, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 30 Jul 2021 08:17:28 GMT
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Server: Apache
Vary: Accept-Encoding
Via: 1.1 varnish
X-Content-Type-Options: nosniff nosniff
X-Varnish: 231146013 231143067
X-Varnish-Cache: HIT
Content-Length: 7855
Connection: keep-alive

GET
H2 200 78663c5f-731f-4787-b0b6-e297334e0330.sized-1000x1000.png
snworksceo.imgix.net/dpn-34s/ 53 KB
53 KB 21ms
18ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/78663c5f-731f-4787-b0b6-e297334e0330.sized-1000x1000.png?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

2b40c9fadc5391a5071fd84efa7a1b22a6016d60c19710501a856da1ad59409f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Jul 2021 14:07:09 GMT
server: imgix
age: 65418
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 25060efba7aa8ab4914f34e4b0bd675a43dff1bd
accept-ranges: bytes
content-length: 53919
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10043-SJC, cache-fra19124-FRA

GET
H2 200 5a23d68c-d062-42e1-8b94-aba79ae85166.sized-1000x1000.jpeg
snworksceo.imgix.net/dpn-34s/ 22 KB
22 KB 10ms
8ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/5a23d68c-d062-42e1-8b94-aba79ae85166.sized-1000x1000.jpeg?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

d9843ce1802136c3010b406c1463fce7db19f9900a7b47fa36e45cf020f4df22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Jul 2021 19:50:34 GMT
server: imgix
age: 131214
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 6c1311bcdadde35300f995271e9ccc1b7668af53
accept-ranges: bytes
content-length: 22497
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10023-SJC, cache-fra19124-FRA

GET
H2 200 11497b37-9242-464c-9b96-90693a4cbd75.sized-1000x1000.png
snworksceo.imgix.net/dpn-34s/ 56 KB
57 KB 21ms
18ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/11497b37-9242-464c-9b96-90693a4cbd75.sized-1000x1000.png?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

c858836ee0e39293f17b5e049f41b0c9eaef113038e1d253d4c58b77a914ed56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Jul 2021 19:50:02 GMT
server: imgix
age: 131245
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 812fda63b2b32b5cd8ca4657e9cba67cdb6d15ad
accept-ranges: bytes
content-length: 57609
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10067-SJC, cache-fra19124-FRA

GET
H2 200 97f8d8c2-cddb-43dd-b611-71ebce1896df.sized-1000x1000.jpg
snworksceo.imgix.net/dpn-34s/ 30 KB
30 KB 17ms
15ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/97f8d8c2-cddb-43dd-b611-71ebce1896df.sized-1000x1000.jpg?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

2a87af26c65bc923b9a0985fd6249bbc1ffcfdb208071d4fe8a12aa7b5d08430

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Jul 2021 16:27:34 GMT
server: imgix
age: 143393
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: eb18000c80d8a1b36adb757f08a89db9d52e32f4
accept-ranges: bytes
content-length: 30216
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10070-SJC, cache-fra19124-FRA

GET
H2 200 51716b8e-ddd1-420d-9bec-f420463de91b.sized-1000x1000.jpg
snworksceo.imgix.net/dpn-34s/ 33 KB
33 KB 25ms
23ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/51716b8e-ddd1-420d-9bec-f420463de91b.sized-1000x1000.jpg?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

b1e0c8c2c40ea98c7e79eca089a5dfe442bb1c8b4c60e2a74af63a45fc9858f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Jul 2021 15:54:38 GMT
server: imgix
age: 145369
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 0aa42cdbf6c4ddba219bb635fa592399f509648f
accept-ranges: bytes
content-length: 34111
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10023-SJC, cache-fra19124-FRA

GET
H2 200 013d744b-d875-4685-bfca-cf7ec7330631.sized-1000x1000.jpg
snworksceo.imgix.net/dpn-34s/ 11 KB
11 KB 25ms
24ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/013d744b-d875-4685-bfca-cf7ec7330631.sized-1000x1000.jpg?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

5958d755bef727ec3daec57f93d4b714c9a411b1e81bc1bff49779a9199c1094

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Jul 2021 16:39:17 GMT
server: imgix
age: 142689
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 3c17ad1f0944a42ee5e7b31e24dda47173605c96
accept-ranges: bytes
content-length: 11419
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10075-SJC, cache-fra19124-FRA

GET
H2 200 08e2bcaa-f8e4-4f40-9b12-4d54f08e0cfe.sized-1000x1000.jpg
snworksceo.imgix.net/dpn-34s/ 37 KB
37 KB 25ms
23ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/08e2bcaa-f8e4-4f40-9b12-4d54f08e0cfe.sized-1000x1000.jpg?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

687527c208e57d54b463ece5fcaa194cd3292c4edb0d3408ffadd128804a124c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Jul 2021 08:26:16 GMT
server: imgix
age: 258671
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: 06d50228174cea42ad8ac91c6d98a3f7241b04dc
accept-ranges: bytes
content-length: 37850
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10079-SJC, cache-fra19124-FRA

GET
H2 200 daaa2331-cd0f-4f72-b581-7473d358a2b8.sized-1000x1000.png
snworksceo.imgix.net/dpn-34s/ 21 KB
21 KB 25ms
24ms Image
image/jpeg 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snworksceo.imgix.net/dpn-34s/daaa2331-cd0f-4f72-b581-7473d358a2b8.sized-1000x1000.png?w=800

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

c2e7ee024a4c0c1f1b9a701fbcd653ef96dbc8534105aee2e6facc93b5cf1184

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 27 Jul 2021 07:59:49 GMT
server: imgix
age: 260259
x-cache: MISS, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
x-imgix-id: e5603626514d5e876af29825c2dcaddc2f3e1e28
accept-ranges: bytes
content-length: 21667
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10044-SJC, cache-fra19124-FRA

GET
H2 200 34ST Show response
us-central1-web-services-dp.cloudfunctions.net/dropcap/ 4 KB
2 KB 62ms
6ms XHR
application/json 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-web-services-dp.cloudfunctions.net/dropcap/34ST
Requested by: Host: d8es5520nmizf.cloudfront.net
URL: https://d8es5520nmizf.cloudfront.net/4bc7b652335d4ccbe0590a87b8ba54ca/dist/js/master-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 86c7c2bc430788caa234f609d0ca91019bf3ec179b6584c3c180ac488af32fd0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 07:51:15 GMT
content-encoding: gzip
server: Google Frontend
age: 1573
x-powered-by: Express
etag: W/"10ec-MCyoMRFZfv5AJmqRyhz5K3uzVeE"
user-agent: DP-Dropcap
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 6c768eb77e143ad406fe2ec3f14eac07;o=1
cache-control: public, max-age=600, s-maxage=1800
function-execution-id: 9i5zc93naujj
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1633

GET
H2 200 btp.js Show response
www.rtb123.com/tags/773F3C17-7C67-20A7-40A0-F1BBB5264072/ 4 KB
910 B 519ms
124ms Script
application/javascript 67.225.220.126
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rtb123.com/tags/773F3C17-7C67-20A7-40A0-F1BBB5264072/btp.js
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.220.126 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rtb123.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: aa27f6140ef05882ffafa3a531f56d0222553e38477e037310a43c80b6e2391b

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Fri, 30 Jul 2021 08:17:27 GMT
content-encoding: gzip
last-modified: Fri, 17 May 2019 16:49:53 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "804eaa8cd0cd51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 708

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 227 KB
66 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=26fc7eaf6e2f67f3ab549436b73ed486

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d32a1ede8cc1a978b6fa17d24ed17d3e632901867a43c140d8fd1657e3fd2010

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.34st.com
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: GigwOzQ7FNyao02QTd6xFg==
cross-origin-resource-policy: cross-origin
expires: Sat, 30 Jul 2022 06:58:48 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 67639
x-fb-rlafr: 0
x-fb-debug: 8onq06Px29GNufO7VUraUesveKQIAHsolucSb/Z+RgxI9cYTzZ27J43BoyhqCb6a+ZN6wb9FbJt5Q9FbeYG6tg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: f73f410c74888809f8f7da7cf64a36c3
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 30 Jul 2021 08:17:27 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "358ab54a85d40ab34c734f2fa4bc2f3e"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 27ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1472853394&t=pageview&_s=1&dl=https%3A%2F%2Fwww.34st.com%2F&ul=en-us&de=UTF-8&dt=34th%20Street%20Magazine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1475684630&gjid=881100393&cid=467386749.1627633048&tid=UA-707447-2&_gid=87527423.1627633048&_r=1&_slc=1&z=386981547

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 08:17:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.34st.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
458 B 41ms
14ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-707447-2&cid=467386749.1627633048&jid=1475684630&gjid=881100393&_gid=87527423.1627633048&_u=IEBAAEAAAAAAAC~&z=1418636911

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 30 Jul 2021 08:17:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.34st.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 l
use.typekit.net/af/740b38/000000000000000000012500/27/ 37 KB
37 KB 54ms
22ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/740b38/000000000000000000012500/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 849eb578891d83f8262c8eb06fe113ef6b0c2db18e8d48540aeb6d4b97f43bee

Request headers

Origin: https://www.34st.com
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:28 GMT
server: nginx
etag: "41389daa972c9297d8dd47bffd350f8825826929"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 37872

GET
H2 200 l
use.typekit.net/af/e61d82/0000000000000000000124fe/27/ 39 KB
39 KB 54ms
23ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e61d82/0000000000000000000124fe/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 412640f6199d6b01cf7a8b621d0edcccb49775de74e4dd430a210f9fbe2d9ad3

Request headers

Origin: https://www.34st.com
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:28 GMT
server: nginx
etag: "3451a1f3b439e3e9e091f68beee925ae9470b002"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39764

GET
H2 200 l
use.typekit.net/af/63cd12/0000000000000000000124ff/27/ 33 KB
33 KB 57ms
28ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/63cd12/0000000000000000000124ff/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7ccb245308f9b91dc424715958420a2ced0d1d9dccb3335b1cda35167d9814fc

Request headers

Origin: https://www.34st.com
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:28 GMT
server: nginx
etag: "3ca04309952e1b7be1b5a0aadf86add19a6e852c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33632

GET
H2 200 l
use.typekit.net/af/e614cb/0000000000000000000124fd/27/ 32 KB
32 KB 316ms
288ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e614cb/0000000000000000000124fd/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 84d4a2dc02914908eb5d9449575cac928c8264f72e754c56ef3579f9b197a854

Request headers

Origin: https://www.34st.com
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:28 GMT
server: nginx
etag: "384e16773296f22d09373a3274f7ea85ad33dcd4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32316

GET
H2 200 l
use.typekit.net/af/2cd6bf/00000000000000000001008f/27/ 46 KB
46 KB 46ms
18ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2cd6bf/00000000000000000001008f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a870f8c0efeb6e2f998fdf7dc1c4f9c074f7de696ea4043602e1677d1d34c062

Request headers

Origin: https://www.34st.com
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:28 GMT
server: nginx
etag: "dd5b169fb4bedb60e8626027fdc93f0b1be2f4fb"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47172

GET
H2 200 l
use.typekit.net/af/309dfe/000000000000000000010091/27/ 42 KB
42 KB 41ms
13ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/309dfe/000000000000000000010091/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6d4a0784c2c235c723466def715d53fd223024601c3c54bbc3944e27697b8b7d

Request headers

Origin: https://www.34st.com
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:28 GMT
server: nginx
etag: "e7811049bfa1845589c42f0b31c9740a16cee93a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 43068

GET
H2 200 l
use.typekit.net/af/9b05f3/000000000000000000013365/27/ 50 KB
51 KB 48ms
21ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9b05f3/000000000000000000013365/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 81dc8f18ee8963fb2044f24d94196da40185e1387ccf9cfc46c3183594109868

Request headers

Origin: https://www.34st.com
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:28 GMT
server: nginx
etag: "22520917f01d8d34c0dcc1417c749962b8a47011"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 51500

GET
H2 200 l
use.typekit.net/af/ae4f6c/000000000000000000010096/27/ 73 KB
73 KB 35ms
8ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ae4f6c/000000000000000000010096/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4ffcd198554ff7c94d76cb678ae1a4cd8544e64a4b61d5c5eb563ef360ad061d

Request headers

Origin: https://www.34st.com
Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:28 GMT
server: nginx
etag: "a6094d3b0b9610bca7d041a6bb6011aa335d9368"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 74476

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 70 KB
25 KB 34ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e35b2249a7a8ef3470321325033cc39469911e3da1dee745af84154e71a3bca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "944 / 343 of 1000 / last-modified: 1627596666"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24696
x-xss-protection: 0
expires: Fri, 30 Jul 2021 08:17:28 GMT

GET
H2 200 pubads_impl_2021072801.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
114 KB 72ms
27ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

7a55fbb0fb94ea6ed9f0c1dcbca21e2b25263e908910b76723004db784786ed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Jul 2021 08:38:40 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115904
x-xss-protection: 0
expires: Fri, 30 Jul 2021 08:17:28 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 61 B
725 B 211ms
29ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.34st.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8bb747031d40ddfde060874627299f89f78981cca7e87a4f0e90572d72efe96d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 08:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
expires: Fri, 30 Jul 2021 08:17:28 GMT

GET
H/1.1 200
OK friends2follow_socialstack.min.css
thedp.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 1842 70 KB
10 KB 109ms
108ms Stylesheet
text/css 52.6.83.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.css?v=20210720

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.83.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-83-111.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b50fadf0848a8ad0115be0412bce0c1f998a0cdbdeb13b4aabb823d1e6bbc889

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: HIT
Date: Fri, 30 Jul 2021 08:17:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 591
Connection: keep-alive
Content-Length: 10116
Last-Modified: Wed, 30 Jun 2021 21:15:37 GMT
Server: Apache
Vary: Accept-Encoding
X-Varnish: 231146019 231131055
Via: 1.1 varnish
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Type: text/css
Expires: Fri, 13 Aug 2021 08:07:37 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1842 4 KB
727 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35bd9d448b08e6146b89931bfac28ae83c5df33b88c92e1800652c222cab535c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:10:03 GMT
server: ESF
date: Fri, 30 Jul 2021 08:17:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jul 2021 08:17:28 GMT

GET
H/1.1 200
OK jquery.min.js Show response
thedp.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 1842 91 KB
33 KB 218ms
109ms Script
application/javascript 52.6.83.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210720

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.83.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-83-111.compute-1.amazonaws.com

Software

Apache /

Resource Hash

de71fa7acfd31b2b19a4ee556a3772b9c6fe285606ba65830037a3e0670c3bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: HIT
Date: Fri, 30 Jul 2021 08:17:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 303
Connection: keep-alive
Content-Length: 33080
Last-Modified: Sat, 26 May 2018 17:40:47 GMT
Server: Apache
Vary: Accept-Encoding
X-Varnish: 575332104 575324033
Via: 1.1 varnish
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Fri, 13 Aug 2021 08:12:25 GMT

GET
H/1.1 200
OK friends2follow_tracking.min.js Show response
tracking.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 1842 6 KB
2 KB 452ms
108ms Script
application/javascript 52.6.83.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_tracking.min.js?v=20210720

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.83.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-83-111.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e157827ae082f67c8429ef20dd2a914e8391e72db67ddcf32baa2cfe5d44a447

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: HIT
Date: Fri, 30 Jul 2021 08:17:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 293
Connection: keep-alive
Content-Length: 1599
Last-Modified: Wed, 29 Jan 2020 16:49:38 GMT
Server: Apache
Vary: Accept-Encoding
X-Varnish: 575332114 575324221
Via: 1.1 varnish
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Fri, 13 Aug 2021 08:12:35 GMT

GET
H/1.1 200
OK friends2follow_antifraud.min.js Show response
antifraudjs.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 1842 35 KB
11 KB 461ms
114ms Script
application/javascript 34.193.255.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://antifraudjs.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_antifraud.min.js?v=20210720

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.255.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-255-24.compute-1.amazonaws.com

Software

Apache /

Resource Hash

35344c8fadf8cc7e65b9adc5e6f8a6ebaa48548dc006d8066052775b3e209310

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: HIT
Date: Fri, 30 Jul 2021 08:17:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 285
Connection: keep-alive
Content-Length: 10755
Last-Modified: Thu, 26 Dec 2019 16:40:28 GMT
Server: Apache
Vary: Accept-Encoding
X-Varnish: 575332115 575324374
Via: 1.1 varnish
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Fri, 13 Aug 2021 08:12:43 GMT

GET
H/1.1 200
OK friends2follow_socialstack.min.js Show response
thedp.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 1842 96 KB
31 KB 409ms
199ms Script
application/javascript 52.6.83.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.js?v=20210720

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.83.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-83-111.compute-1.amazonaws.com

Software

Apache /

Resource Hash

762dd25c58a7eac4dc6544abc73e20dacbe10cc8d4363776c4b7489ebbac5122

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: HIT
Date: Fri, 30 Jul 2021 08:17:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 270
Connection: keep-alive
Content-Length: 31046
Last-Modified: Mon, 28 Jun 2021 18:23:38 GMT
Server: Apache
Vary: Accept-Encoding
X-Varnish: 231146025 231138566
Via: 1.1 varnish
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Fri, 13 Aug 2021 08:12:58 GMT

GET
DATA 200
OK truncated
/ Frame 1842 109 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec75f5f81f8d9976ae985ba86f53f9a069e44f1ee66bc3595f97801abf582b3f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1842 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5665f8390a5ed541cbfd66da58c3212dd18a200dc62a0bd6096e9d9cfd3da9c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1842 981 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba4dd3817b46f5d37c90b527e2affc1b950552cd5b6f4b5e722feb331a2728c0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 18ms
6ms Image
image/gif 2a02:26f0:6c00:28d::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=ziq1fqf&ht=tk&h=www.34st.com&f=9674.9675.9676.9677.10879.10881.10884.10886&a=230034&js=1.20.0&app=typekit&e=js&_=1627633048397
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:28 GMT
last-modified: Wed, 02 Sep 2020 03:58:21 GMT
server: nginx
etag: "5f4f185d-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 1842 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thedp.friends2follow.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 01:25:07 GMT
x-content-type-options: nosniff
age: 283941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 01:25:07 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 1842 14 KB
14 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://thedp.friends2follow.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 18:26:10 GMT
x-content-type-options: nosniff
age: 309078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 18:26:10 GMT

GET
H/1.1 200
OK social.woff2
thedp.friends2follow.com/sites/all/modules/friends2follow/font/ Frame 1842 5 KB
6 KB 200ms
105ms Font
text/plain 52.6.83.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thedp.friends2follow.com/sites/all/modules/friends2follow/font/social.woff2?49894406

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.css?v=20210720

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.83.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-83-111.compute-1.amazonaws.com

Software

Apache /

Resource Hash

3ebd026647714647aaa1e9ce958a12670dee2ff940ac4b334d2d718f780400bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://thedp.friends2follow.com
Referer: https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack.min.css?v=20210720
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: MISS
Date: Fri, 30 Jul 2021 08:17:28 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Last-Modified: Fri, 14 Feb 2020 20:14:31 GMT
Server: Apache
Age: 0
X-Varnish: 575332108
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 5316
Expires: Fri, 13 Aug 2021 08:17:28 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=9359095&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9359095%26t%3D2

43 B
1 KB

47ms
47ms

Image
image/gif

185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9359095%26t%3D2

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 08:17:28 GMT
X-Proxy-Origin: 185.156.175.109; 185.156.175.109; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 431c4fb4-d24f-4fb2-b912-fae898f1f7c8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 08:17:28 GMT
X-Proxy-Origin: 185.156.175.109; 185.156.175.109; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1187159d-d49e-42d0-b301-4faae07d494e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9359095%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=9396080&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9396080%26t%3D2

43 B
1 KB

43ms
43ms

Image
image/gif

185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9396080%26t%3D2

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 08:17:28 GMT
X-Proxy-Origin: 185.156.175.109; 185.156.175.109; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 11dd9f98-b50f-4331-93f2-3509011afd63
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 08:17:28 GMT
X-Proxy-Origin: 185.156.175.109; 185.156.175.109; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: dc354776-eb7d-49bf-ac0e-964a2dabce36
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9396080%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK friends2follow_socialstack_on_init.min.js Show response
thedp.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 1842 87 KB
25 KB 111ms
111ms XHR
application/javascript 52.6.83.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_socialstack_on_init.min.js

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210720

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.83.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-83-111.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2ef6098b152764c985338092267e7207676c7040d8f12187c4a9b419f1d41e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: HIT
Date: Fri, 30 Jul 2021 08:17:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 396
Connection: keep-alive
Content-Length: 25376
Last-Modified: Wed, 04 Oct 2017 17:48:57 GMT
Server: Apache
Vary: Accept-Encoding
X-Varnish: 231146037 231135579
Via: 1.1 varnish
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Fri, 13 Aug 2021 08:10:52 GMT

GET
H2 200 1f4f7.png
twemoji.maxcdn.com/36x36/ Frame 1842 396 B
796 B 65ms
20ms Image
image/png 23.111.9.57
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twemoji.maxcdn.com/36x36/1f4f7.png
Requested by: Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 6dccdb92ef025cb94a915e2371385bdaa577d821ee00e1492a3f07f597bbcb08

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 5605e6a8ad2a7a774dd6990d7534f2bd19517d9b
date: Fri, 30 Jul 2021 08:17:28 GMT
x-cache: HIT
powered-by: MaxCDN
content-length: 396
last-modified: Tue, 01 Jun 2021 07:52:48 GMT
server: NetDNA-cache/2.2
x-github-request-id: 458A:09EE:12CA75:149CAB:61007535
etag: "60b5e750-18c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: MISS
expires: Sun, 29 Aug 2021 08:17:28 GMT

GET
H2 200 203c.png
twemoji.maxcdn.com/36x36/ Frame 1842 153 B
570 B 66ms
21ms Image
image/png 23.111.9.57
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twemoji.maxcdn.com/36x36/203c.png
Requested by: Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.57 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f660051d99613601209a3f52c728be1869db7ec2992a1ae2af25fc4da9e372e6

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 5ccfd6c7b46bcde3613f93891007375f1480f039
date: Fri, 30 Jul 2021 08:17:28 GMT
x-cache: HIT
powered-by: MaxCDN
content-length: 153
last-modified: Tue, 01 Jun 2021 07:52:48 GMT
server: NetDNA-cache/2.2
x-github-request-id: D662:A7FF:7276CB:7586DF:61008EBF
etag: "60b5e750-99"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
expires: Sun, 29 Aug 2021 08:17:28 GMT

GET
H/1.1 200
OK f2fi.php
tracking.friends2follow.com/ Frame 1842 43 B
382 B 120ms
120ms Image
image/gif 52.6.83.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracking.friends2follow.com/f2fi.php?domain=thedp.friends2follow.com&wi=4&it=108/17053/26640,108/17053/26634,108/17053/26635,108/17053/26633,108/17053/26628,108/17053/26629,108/17053/26627,108/17053/26624,108/17053/26611,95/9287/26612&ti=1627632946&ha=c9629c57964cdcfd52c431a700f319ee&fi=59a1b796042b7c27ca0df7318423ccd9

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.83.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-83-111.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: MISS
Date: Fri, 30 Jul 2021 08:17:29 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
Server: Apache
Age: 0
Content-Type: image/gif
Cache-Control: must-revalidate
X-Varnish: 231146041
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H/1.1 200
OK masonry.pkgd.min.js Show response
thedp.friends2follow.com/sites/all/modules/friends2follow/js/ Frame 1842 23 KB
7 KB 106ms
106ms XHR
application/javascript 52.6.83.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thedp.friends2follow.com/sites/all/modules/friends2follow/js/masonry.pkgd.min.js

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210720

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.83.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-83-111.compute-1.amazonaws.com

Software

Apache /

Resource Hash

13aebf2418a90a3a408fd528fcf45f90027657e5db7cd180312135b639da37c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: HIT
Date: Fri, 30 Jul 2021 08:17:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 327
Connection: keep-alive
Content-Length: 7034
Last-Modified: Thu, 10 Nov 2016 21:28:54 GMT
Server: Apache
Vary: Accept-Encoding
X-Varnish: 575332127 575323367
Via: 1.1 varnish
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Fri, 13 Aug 2021 08:12:02 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 252 KB
40 KB 740ms
739ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1157632325983166&correlator=4177806783020597&output=ldjh&impl=fifs&eid=31060438%2C31062048%2C21064366%2C20211866%2C31062065&vrg=2021072801&ptt=17&sc=1&sfv=1-0-38&ecs=20210730&iu_parts=12234093%2C34st-Leaderboard%2C34st-Top-Rectangle%2C34st-Middle-Rectangle%2C34st-Mobile-Leaderboard&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%2C300x250%2C300x250%2C320x50%2C300x250%2C300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1627633049&dt=1627633049100&dlt=1627633047771&idt=600&frm=20&biw=1600&bih=1200&oid=3&adxs=286%2C1285%2C1285%2C-12245933%2C-12245933%2C-12245933&adys=70%2C50%2C315%2C-12245933%2C-12245933%2C-12245933&adks=1431065736%2C1792969111%2C463008574%2C2312306103%2C3386826502%2C899346005&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.34st.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x105%7C300x265%7C300x250%7C0x0%7C0x0%7C0x0&msz=728x-1%7C300x-1%7C300x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=467386749.1627633048&ga_sid=1627633049&ga_hid=1472853394&ga_fc=false&fws=0%2C0%2C0%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1a28c02ded40bfc952d32105b54395e3539851bdf74a4f7f695fb8f0119a25dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40563
x-xss-protection: 0
google-lineitem-id: -1,5739141275,5737716649,-1,5741063660,5741063660
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138355738083,138355574267,-1,138356370805,138356039757
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.34st.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C975 6 KB
3 KB 58ms
13ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.34st.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.34st.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 30 Jul 2021 08:17:29 GMT
expires: Sat, 30 Jul 2022 08:17:29 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK friends2follow_infinitescroll_and_share_follow.min.js Show response
thedp.friends2follow.com/sites/all/modules/friends2follow/dist/ Frame 1842 24 KB
13 KB 108ms
107ms XHR
application/javascript 52.6.83.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_infinitescroll_and_share_follow.min.js

Requested by

Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210720

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.83.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-83-111.compute-1.amazonaws.com

Software

Apache /

Resource Hash

479789ebc7c7b79e6b0a3cd5769880403fedb19890b2c1a959cdd9a400f90db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://thedp.friends2follow.com/f2f/widget/html/socialstack/4/0/10/140/1/1/1/5
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache: HIT
Date: Fri, 30 Jul 2021 08:17:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 304
Connection: keep-alive
Content-Length: 13249
Last-Modified: Wed, 04 Oct 2017 17:48:57 GMT
Server: Apache
Vary: Accept-Encoding
X-Varnish: 575332130 575324023
Via: 1.1 varnish
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Fri, 13 Aug 2021 08:12:24 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame 1842 96 KB
29 KB 23ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E0) /
Resource Hash: 70a12c6c00f6fed722c0b46ad1ebb8a2c11c27121f3b8d65c254a9221965ed72

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Jul 2021 08:17:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Jul 2021 21:46:55 GMT
Server: ECS (frb/67E0)
Age: 895
Etag: "69dea0a9b81d008237dc222450b4485f+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29075

GET
H2 403 platform.js
apis.google.com/js/ Frame 1842 0
0 388ms
388ms Script
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/js/platform.js
Requested by: Host: thedp.friends2follow.com
URL: https://thedp.friends2follow.com/sites/all/modules/friends2follow/dist/jquery.min.js?v=20210720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://thedp.friends2follow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK widget_iframe.0504c5db6e58d499a7ba93c246a8554d.html Show response
platform.twitter.com/widgets/ Frame 97B4 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.0504c5db6e58d499a7ba93c246a8554d.html?origin=https%3A%2F%2Fthedp.friends2follow.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E0) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://thedp.friends2follow.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://thedp.friends2follow.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 36906
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jul 2021 08:17:29 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 29 Jul 2021 21:42:40 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67E0)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 97B4 232 B
431 B 159ms
122ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=ff48f01ed7f6b162edbb57efc7cc0073d320bbf3

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0504c5db6e58d499a7ba93c246a8554d.html?origin=https%3A%2F%2Fthedp.friends2follow.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:29 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 08:17:29 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 4bee2330d871399d16048eef00f6d31098c9ab82c21712a0742506b456c40038
content-length: 166

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107200040000/ Frame F3E4 188 KB
55 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d51b5c14fd6455affd3baceb0d2015c532566645fd80f645260c803a8b0f1c57

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 80770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55196
x-xss-protection: 0
server: sffe
date: Thu, 29 Jul 2021 09:51:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a8830a242785ad6"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 09:51:19 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107200040000/v0/ Frame F3E4 13 KB
5 KB 41ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4f1f72b78c93a6cdf32fbce758cc76e353e589296975f8491a265167cfdb0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 80770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4808
x-xss-protection: 0
server: sffe
date: Thu, 29 Jul 2021 09:51:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "82cb572e3b54d217"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 09:51:19 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107200040000/v0/ Frame F3E4 87 KB
27 KB 42ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

695be856611d9d209b70e4b7356594bd123af15d79843a3711289bf90e3525b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 80770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27828
x-xss-protection: 0
server: sffe
date: Thu, 29 Jul 2021 09:51:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2309f93374d1f64f"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 09:51:19 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012107200040000/v0/ Frame F3E4 71 KB
16 KB 48ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85dff621ce266a4ed39e36fc4ed2266ddde3ae98fc0f7f194d48c6220c012cfa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 313740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16686
x-xss-protection: 0
server: sffe
date: Mon, 26 Jul 2021 17:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8f20cdf17b5cea36"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 17:08:29 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107200040000/v0/ Frame F3E4 4 KB
2 KB 46ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0c3f2e5825816bcac42e686f0c3aa76e1aa566f71a437d8768702d4a3a45875

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 80770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1648
x-xss-protection: 0
server: sffe
date: Thu, 29 Jul 2021 09:51:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0ef177dade489237"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 09:51:19 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107200040000/v0/ Frame F3E4 40 KB
13 KB 46ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107200040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

172ecde3db13e66cf99995d63de308e2d6e3fdeb1a99dfaeec136f4862eb1573

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 80770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12831
x-xss-protection: 0
server: sffe
date: Thu, 29 Jul 2021 09:51:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "896e0bc3d66ccdf5"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 09:51:19 GMT

GET
DATA 200
OK truncated
/ Frame F3E4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7c3362896f0cabe428785201d6cabf1c779383725a06007ee134e8c7dc337a7

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5B58 0
0 44ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQeqc-kkLXgtao4eYr_fgSAAcIyvnttckj2KvRuZdLshczhDaArCJC6CWpX7WUb1qF8RAlJI4yHZtoTtM910chrIqba2WmaCxUXyrrWnr5yprxWown7wM0velDMyAGyCHOQW6ovw18gIeOLw5_n2W8L3Cq0ZlYYI3Da6a0mtVPZgv78QeWa-IJgvO55GoUXixIt7vLulMg8Zc4HDJzkg18TcEr_WmkDWM72nNcgDPkx95FHDIfyDHY4DRNVtbNNqcvYy89o_XrYnAGJ7-xOm6Wcn44ZsqNCVdo-Zqq4Mxqj637bb95v12yF2BSDQ0&sai=AMfl-YTUimO8xYmcAmsbVprF5vVCJ7jZ-VvTMM39W0kWed9C7LJadiBwEL0LDfu-m-rlXfSbcZfMeJQ6Vu72KhGiMNF4t26zOwQ6WPiqJwoR2CrX5jxZ-BFdoLfMgO2HZrpA&sig=Cg0ArKJSzNNJe0RFXngFEAE&adurl=

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 08:17:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 30 Jul 2021 08:17:29 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 5B58 18 KB
8 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 08:16:09 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 5B58 2 KB
2 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 08:15:48 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B58 124 KB
37 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472092244076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38161
x-xss-protection: 0
expires: Fri, 30 Jul 2021 08:17:29 GMT

GET
H2 200 2077692490318084533
tpc.googlesyndication.com/simgad/ Frame 5B58 90 KB
90 KB 33ms
8ms Image
image/gif 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2077692490318084533

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80253e03166947ea180652f2fd0f4e77827ad8fee2072bfe5ed5b07c2f2a6c3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 07:50:33 GMT
x-content-type-options: nosniff
age: 1616
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92197
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 20:15:13 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jul 2022 07:50:33 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E519 0
0 44ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8Lnx0O_Y9DE5tiS1XuOgcIka7A9FJbUkBOHnl9eo5uVRbXI1URN0FJuknZg9WVAbUyp8tCUe5e6zKvxqXVLuOKMa_fKaXIUChQK9VxzeTJBVtqyxGLSg-2Vgv9Hupj-yvWb5oeJ8f63ZXCFrnGzKzf2xQbiIvTxRIO5wflGVPE1z48sT3bs6ebG9MCZLhvJZMh0CHdtAbmtI_Co1vJ1zcJ-QqVZD3SJV6Y4QaOVCodYZ5TgPh_uxeuKggzWr55QdZm7WkyY-slbqrnD_3atm0PdJREiGaOgsqiALBLwtguAWt3AL2ZCuPgya-z7HefV4&sai=AMfl-YQ4dTjPwoGkwqTniFgd2FY7ZFTd-GjJtGbR9mlX6wj485rhNo3LmUrDSmy0T0BBoF5jphL0efIUgVsxIbx2hKVaVCuT92bg-ucQ96Kt_0c3HLNklPpiep3Vn4DLxlOI&sig=Cg0ArKJSzMheI58bDQuvEAE&adurl=

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 08:17:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 30 Jul 2021 08:17:29 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame E519 18 KB
7 KB 39ms
19ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 08:16:09 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame E519 2 KB
1 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 08:15:48 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E519 124 KB
37 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472092244076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38161
x-xss-protection: 0
expires: Fri, 30 Jul 2021 08:17:29 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E519 0
0 15ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSncQWQr0k9ZABG9A3LzNE5SC0SFFntqjgJco2zmqXMR0aY8iJynOJXt5J6huwIDriOQACiOVKVzqhzJPxuaN672m8R4Q
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 9815112469132789368
tpc.googlesyndication.com/simgad/ Frame E519 60 KB
60 KB 42ms
23ms Image
image/gif 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9815112469132789368

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5987eb61acb2a46f47850a9dd4a3cbfcee19512eddc0ec95c9a904313c0b01cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 04:45:59 GMT
x-content-type-options: nosniff
age: 99090
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61002
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 21:19:55 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 04:45:59 GMT

GET
H3-29 200 container.html Show response
2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C46B 6 KB
3 KB 40ms
11ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.34st.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.34st.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 30 Jul 2021 08:17:29 GMT
expires: Sat, 30 Jul 2022 08:17:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame FB21 0
0 36ms
32ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuK1LDTPAxBdujLqUJjqAEDpIGmUKzbpqjA79vMrk7DgMrfpFdjxg5tlKSDPm9bw_yAoghIFrCZbSbyhEelBimnTz3BbmTIZiW3IjLLhibQa_98c1D0MORTGun2Dod9D1SOjQq9s_apABSZ1vY1UighjMcia4647216AC7mlzLMhWdr4TQ2xJIijJPZfYvMq20sQNp3bkryxJztYhqRaayXv21bw8hx0eQ6yQ8b3hpd5yfPHBJqA5zehlVPeYYPm_ABviC_qka8qQGP71yBki1iXsbx1-uGRZzWfUinXkip9G9X18sg7lIRnR-pLcg&sai=AMfl-YQS7_7xAwqqzqCSr8oBnWLh6DOFJJ6jH1Zc5e15Y-5HvAE4syIit_GbB-jyc5XeiTfoAqi5AMqSZ2TNwDBRNii-bYksLulOVgs02v3Zpl47Rp0_vH6B2vRgrGGuElgP&sig=Cg0ArKJSzGVr1k6zo9dfEAE&adurl=

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 08:17:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 30 Jul 2021 08:17:29 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame FB21 18 KB
7 KB 25ms
20ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 08:16:09 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame FB21 2 KB
1 KB 37ms
32ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 08:15:48 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FB21 124 KB
37 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472092244076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38161
x-xss-protection: 0
expires: Fri, 30 Jul 2021 08:17:29 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame FB21 0
0 35ms
17ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_TFUVZjZ4c36gXoBFztqdIrhkds_14gpU6prrDTlgezkuiT_JHiAwZh7pUXB5W0bIplN1yfzWxpmw0eHcidBezKqhJw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 7158223398151730092
tpc.googlesyndication.com/simgad/ Frame FB21 94 KB
94 KB 47ms
8ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7158223398151730092

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36039c49dd465af4e67d029ca17f86bf1f51ac8f0550c934eac34e974ee33a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 07:36:31 GMT
x-content-type-options: nosniff
age: 261658
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96650
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 20:24:30 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 07:36:31 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame FF89 0
0 60ms
31ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQUcd_NYlA90Bba3FK7mR-49oAvjXeSCn-6UMY3bsm7ToQL_Z8SjMJF6TKx7WBmaZrnPfn8a2IcEufgvy5T_kGYd173cWBwou6zBsUS34wTrk6srZsxsi8BuR3el5nfRpPEiIck_dyO7x8tdOS6VBGBbQ7k9v0kWzwLSO2A88mRJDpjMoZCORvzPiYVnW4VDPHVKgWg4rVHBF4sSSt6BXwSIekXmbIcH9pAYv87JbhaOVx-3_zEBAH2keD50CaFxVEdnbhuG8g1EEYV4-CAQbF6RIBFU-CIctM7umFaaPzZcbkEhG-iYux50ZhfisRHGA&sai=AMfl-YQKndOmcvkVdxvWAIj3RyUOqHNCgPCvPsGaExbnTqSusadraSicFuvp_xRU83_q9BKlahlPBYH0nTVxny1Jw-9Ov3NuFjc2MzD9jMHvr1Add9UqEO005TRl9hJFeUsT&sig=Cg0ArKJSzO9d1QPdJufWEAE&adurl=

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 08:17:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 30 Jul 2021 08:17:29 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame FF89 18 KB
7 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 08:16:09 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame FF89 2 KB
1 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 08:15:48 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF89 124 KB
37 KB 31ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472092244076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38161
x-xss-protection: 0
expires: Fri, 30 Jul 2021 08:17:29 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame FF89 0
0 39ms
13ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQm5r_U4xEzfFQRkBRHjyHb9nubACAjiiaUOSYjDdE_Q2cjjMTy7SkHaWQEWf0oWA3fq5U0n68OoOwi90A8vaGVoYyvJA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 11015006043270687036
tpc.googlesyndication.com/simgad/ Frame FF89 180 KB
180 KB 37ms
11ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11015006043270687036

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1afcbf679b17da83efc7b9a760919b46ef8cc4e59fcfe13852eee9f7caa722

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 08:19:30 GMT
x-content-type-options: nosniff
age: 259079
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 183920
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 20:25:11 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 08:19:30 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F3E4 2 KB
2 KB 30ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 15:34:33 GMT
x-content-type-options: nosniff
server: cafe
age: 60176
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 30 Jul 2021 15:34:33 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F3E4 295 B
319 B 20ms
7ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.34st.com
URL: https://www.34st.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 12:37:33 GMT
x-content-type-options: nosniff
server: cafe
age: 70796
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 30 Jul 2021 12:37:33 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F3E4 0
0 44ms
32ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJPF6mbUDYYqLCsiNrAT_54TgCOi5s8hjyrv1gJUO8vL4g5UaEAEg7ZieC2D1lc6B4ASgAfeigM0DyAEJqQLsNosyqYCyPuACAKgDAcgDCKoE3gFP0MI3LnOqejzL8pMLyA6-QSHYfybdboQFxGJuUEtNIZBumHCNZ-bSRxItW5_4tqiKfcBorvZNPCgyAi2_UqwkbLsfcIPHTxHqbcaMGVOwHQfKtc-jE99bJRhkUJ-R6MDzWLs04DIMiwWf1yIMssx4N5B0NQrpb2V-sq_OYtCwOc6DemM1XtOLAiQJ3smUozxX1lejfJtPTw4b7ap_V37Pmb2WHcIRM8DeGDYW8mUrUI6ev_ldupwkjWP4wwRE7L3Tv6xuT1jGhRW5yajmAh_IL4z_UEoH3gQAyvfu27DABM3JzKn0AuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfx3P8yqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEENWuG9IIBwiIYRABGB2ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItMTE0Njk0NzQ0Mjg5MDMxOA&sigh=GBurXkifoq4&template_id=419
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eca48824a13b12bd6503bda806b0a66f2b0810fdc90796c0e763c3f934cee5a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472111755377"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Fri, 30 Jul 2021 08:17:29 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 48ms
18ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5824b027afa06231b4a4a1fd0b3ca562f21f380bac42255713afa09e20529306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 08:17:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8520
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5B58 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3efaf715cb34d7b8f6fce10214e26cf47c8c701f618f8f7ded7b2e80e7697b24

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E519 0
0 63ms
62ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgdjrgcw9El6PjI0HtolhLBGEqTh1JgGBTPT_g2zmy5vO1uYHTsLQtXgq6FII5PasghlECFe8JVu_PZgsIyZruQaexpHR7IM3W-t5fmv-cMK5RLlQbpqoHCqKg18iC9UI36p2q1bfr3phh3RZVs1APhVyvSIqA9Cv_w5ROQuAHaHNI9h9V7bC179bm-wWEMYPdqg2TkZG2fhvILS31cpdtRAUkdcX2tXtl4xIEwDGPJdilMIR9sFk4CdqacL0WmnDWXEa5JH7zWGkwEIOj4soAJYkjGo09uR7AgHgc3PnStZrokCxLwrn0ZjAuvYhS0N26lA&sai=AMfl-YRM3rI27YLmr_gJbcV5S_ef_o4F7t-5pWh2vl4lR4C4pikkaEq-3tcTodIt0FMfD19bB0qJQ2N7KV0FfgGbW8GLI9TUCB68-Fo2ZrRReKeEUHW7gw7R4_1PeCc5hRcG&sig=Cg0ArKJSzIMNoJf0e00LEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 08:17:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 30 Jul 2021 08:17:30 GMT

GET
DATA 200
OK truncated
/ Frame E519 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8acd0684e2342428ad56e8085e491222c82fa7156b8c225704b4ed7edd108a1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 30 Jul 2021 08:17:30 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame FB21 0
0 54ms
54ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-CHJRuEAqaePMJVYm4SEAdgdX7E39Fe2tlGOX1jULgWMhsLOoxRZgyApoLH9RhXciO6JE6l8XxCp1XwYXpEYSu7r9vBsFcHCaR-cocKfRKwuSMsDWR2Anr8chJMJJaB_8M_NaUNX-nXWqyWl5O5s6UU3FD9R8BNLlLa6oraRkHeC0YN0_eiIQ55cUyeSS6paK2v78gzHbeN9T3WoTG6lY4E9PiDv9B_EWyttZXygifUlkIw3XpTE6hZdu_LZhjb9Aw5xFd_k-tZMF0ZHpPk6Zgwm1eYqStjzQ-seQA7k6e_8wvSPVnvHSV_ZKkyAkMQ&sai=AMfl-YSpfEpfMSRS8wgRLkp00GmZeExQdGpcXut1SCICLcWRq5wY_EmZnferGhEYe5sNEyFBlV2PyWSiONkE_seeMziUCXBK3G7bXk78twj3mX8bEZmc2h8-IFM_TRABqZYE&sig=Cg0ArKJSzO-h47UsNUnwEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 08:17:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 30 Jul 2021 08:17:30 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame FF89 0
0 54ms
54ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSLpnRcdJDRzZYBPGcK_S0wwHAKg2AZuTXKZ8rrT1k7Fpe8A1yW97cG-E3XommWupT0zrEBdmHwUqtVfsKdQZ5lHGeYwU2HDlEyH3g3LY-2rhCXJRx5z6zEgzmvUC_2eb8npVSN8sJob_DZzI9d8EcmcEKVaoTRKNPdfpjIY-vg-XlH7WZ1m3r0PkE_ixzHIel9_93-WQI4-p_RPA3saKh-tNBBmxhy_EMhncYvLHLePclDVF05sZWXwzdVgwZ9eNzqXPEBn8SjaV1lCaYhfY5SdN5FJWprvgV0E-GJPSy24tF0IQg2X9QiZ_9XVpScGd7tg&sai=AMfl-YRJEE0xpeN1f-HJnN7ROe9BYjUR5IWuWFk5G-BOa9cJ1v172daxfoYHxTnP5UxiiRePxwdmKYS2fX_O4eOesYHZcNuemyh74yOrvz9J1R2BMfaGaLSKmSF_Ifn8cVfL&sig=Cg0ArKJSzJ7p8ohSZbOWEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 08:17:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 30 Jul 2021 08:17:30 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5B58 0
0 54ms
53ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvz3a1TsUgDaUigVkXGyJbfrsZLHj-7rjHztWW9rP1j9hiYegosbQuwR4hWC0NfkdHGwOEyX9vKk6UqhdzTeIPhkqc_szlfLrp8CR3CoAQQ4psKz5k5O9yQdouO74ot3oKFqrAXEcDdlUgIBLIplWvST2jTn1J_8jHMh6uxeL4ZvYBPZVjaowE537qjD1DtGkKHHH-Cl5ghZgeIdfZaKzrB8mEbHhRX5RJEcBOFwgtn4Z5F0vUYD6U9tREWV6wj5UW_-WY2VkWZIyvaKg2fBLthdX-M5RnQU1Rr7cGTp45HL-OB1iERjVQr8var2hxSBg&sai=AMfl-YRerI7ALZY4ljyNguwZzTCH_4KycDgmJ2JE9geCcbxmhxpnOnQKp80ma2nC2xS0ibgWpzLAe_y7DX3bwz4_bEzLVDe17g7YN45SuPuRtk9FT5JOc0CQd50GDbT0IcSm&sig=Cg0ArKJSzHkQDRq_uxs9EAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 08:17:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 30 Jul 2021 08:17:30 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C46B 0
0 30ms
29ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuKYFmbUDYYuLCsiNrAT_54TgCMaMgtRg2o2OqqoOgZmVpLsVEAEg7ZieC2D1lc6B4ASgAe-8ttoDyAEJqQLsNosyqYCyPuACAKgDAaoE4gFP0CN971xdm5FzqPhzLg7oy4DIirrt3pxSDHiGCxTfgOQRJzbWbMO6V9MI6nc4KFYyb-7L_1Jcyhrt2vVgl_4tNcI7b98TtQWE0-ClMJ1CumNPBwIP8RyLA8VHvG_JpuUkh-kPYpv8WcbcE8hEI-Kxw-MuhuMTnwpjv8R0v4dVD4pdmPqDI983_lxlg3_2p_xngucPcl2KFgKVyJID8NZeCDUHSuPExMhvk_nm7tdpIQe6HpbBkNPjHaukAlKjS6Im8NXNKad-78U1Q1kDLIKE_eHKgiJiEnWX_GcYQksrXLpRwATe_N-m0gPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGEYAH-cLJJagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHAxCrRdIIBwiIYRABGB2ACgHICwHYEwrQFQGYFgGAFwGyFxoKGAgAEhRwdWItMTE0Njk0NzQ0Mjg5MDMxOA&sigh=nZ2E3_76OsE
Requested by: Host: www.34st.com
URL: https://www.34st.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 embed.js Show response
storage.bannernow.com/7GgEZ9OMlBJYV5EQ2E5yP0pWvb412Qd6nHnnHoI7mx/ Frame C46B 5 KB
2 KB 246ms
221ms Script
text/javascript 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/7GgEZ9OMlBJYV5EQ2E5yP0pWvb412Qd6nHnnHoI7mx/embed.js?responsive=0&bnTag=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCNoiCmbUDYYuLCsiNrAT_54TgCMaMgtRg2o2OqqoOgZmVpLsVEAEg7ZieC2D1lc6B4ASgAe-8ttoDyAEJqQLsNosyqYCyPuACAKgDAaoE5QFP0CN971xdm5FzqPhzLg7oy4DIirrt3pxSDHiGCxTfgOQRJzbWbMO6V9MI6nc4KFYyb-7L_1Jcyhrt2vVgl_4tNcI7b98TtQWE0-ClMJ1CumNPBwIP8RyLA8VHvG_JpuUkh-kPYpv8WcbcE8hEI-Kxw-MuhuMTnwpjv8R0v4dVD4pdmPqDI983_lxlg3_2p_xngucPcl2KFgKVyJID8NZeCDUHSuPExMhvk_nm7tdpIQe6HpbBkNPjHaukAlKjS6Im8NXNKad-78U1Q1kDLIKEv-PHEMqmqm5ERHOy7kSD2ItJO05HwATe_N-m0gPgBAGgBhGAB_nCySWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIiGEQARgdgAoBmAsByAsBgAwBuAwB2BMK0BUBmBYBgBcB%26num%3D1%26sig%3DAOD64_2ULR9kOkFQ6nRL7BoRK1oz9Y2j1g%26client%3Dca-pub-1146947442890318%26adurl%3D&cb=931112944
Requested by: Host: 2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com
URL: https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 341d7b4e74f42968b54aa84bf48ba09079b105afd99981f16a360f3e33285240

Request headers

Referer: https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:30 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 30 Jun 2021 06:48:58 GMT
server: cloudflare
x-amz-request-id: QGJ01HTHHX263H7Q
etag: W/"4b1bcf0905e29e204d1dace8890445a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=0, s-maxage=1200
cf-ray: 676d26a3ea504ece-FRA
x-amz-id-2: xU/0IYqUZ/2Pf6wy7ASG4kkqKzzeEPgNF7R51W74Qd1R1M6KJvYfAtQNZfPSYoXnrXMZTnLlhrM=

GET
H3-29 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame C46B 31 KB
12 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: 2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com
URL: https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56e15c9e3542a7457433e608f6180bf8877083db9c231bcfb137aa4a14fb1b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 07:29:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12641
x-xss-protection: 0
server: cafe
etag: 13371490116692223486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 07:29:02 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame C46B 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: 2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com
URL: https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 08:15:48 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C46B 124 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com
URL: https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:30 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472092244076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38161
x-xss-protection: 0
expires: Fri, 30 Jul 2021 08:17:30 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame C46B 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com
URL: https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 08:16:32 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame C46B 0
0 14ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSKoBBZDkqcugxPM4g36sB65sN7fc2QNh1sJ-oLqg-dz4Y0UuocWwVa5io-f1PcHIlpcRX-vUM23HnrrkcG17yD7EgmZw
Requested by: Host: 2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com
URL: https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame C46B 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js

Requested by

Host: 2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com
URL: https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 08:16:09 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 80C4 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.34st.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.34st.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 30 Jul 2021 08:10:12 GMT
expires: Sat, 30 Jul 2022 08:10:12 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 438
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 148E 783 B
532 B 20ms
19ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e58f1cc5eaf947872132e193a2e81cbb3f30a764bb495ad29c1501c07a19d45f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EM6/5feSWEFdYH6PIuL4Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.34st.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.34st.com/

Response headers

expires: Fri, 30 Jul 2021 08:17:30 GMT
date: Fri, 30 Jul 2021 08:17:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-EM6/5feSWEFdYH6PIuL4Wg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 80C4 35 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 06:37:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 92387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Jul 2022 06:37:43 GMT

GET
H2 200 index.html Show response
storage.bannernow.com/7GgEZ9OMlBJYV5EQ2E5yP0pWvb412Qd6nHnnHoI7mx/ Frame E0D2 15 KB
4 KB 206ms
205ms Document
text/html 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/7GgEZ9OMlBJYV5EQ2E5yP0pWvb412Qd6nHnnHoI7mx/index.html
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/7GgEZ9OMlBJYV5EQ2E5yP0pWvb412Qd6nHnnHoI7mx/embed.js?responsive=0&bnTag=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCNoiCmbUDYYuLCsiNrAT_54TgCMaMgtRg2o2OqqoOgZmVpLsVEAEg7ZieC2D1lc6B4ASgAe-8ttoDyAEJqQLsNosyqYCyPuACAKgDAaoE5QFP0CN971xdm5FzqPhzLg7oy4DIirrt3pxSDHiGCxTfgOQRJzbWbMO6V9MI6nc4KFYyb-7L_1Jcyhrt2vVgl_4tNcI7b98TtQWE0-ClMJ1CumNPBwIP8RyLA8VHvG_JpuUkh-kPYpv8WcbcE8hEI-Kxw-MuhuMTnwpjv8R0v4dVD4pdmPqDI983_lxlg3_2p_xngucPcl2KFgKVyJID8NZeCDUHSuPExMhvk_nm7tdpIQe6HpbBkNPjHaukAlKjS6Im8NXNKad-78U1Q1kDLIKEv-PHEMqmqm5ERHOy7kSD2ItJO05HwATe_N-m0gPgBAGgBhGAB_nCySWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIiGEQARgdgAoBmAsByAsBgAwBuAwB2BMK0BUBmBYBgBcB%26num%3D1%26sig%3DAOD64_2ULR9kOkFQ6nRL7BoRK1oz9Y2j1g%26client%3Dca-pub-1146947442890318%26adurl%3D&cb=931112944
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9cd1fc63e362d64be03d536cdd197bf2d56d6bce55a854d162247c934d022de

Request headers

:method: GET
:authority: storage.bannernow.com
:scheme: https
:path: /7GgEZ9OMlBJYV5EQ2E5yP0pWvb412Qd6nHnnHoI7mx/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com/

Response headers

date: Fri, 30 Jul 2021 08:17:30 GMT
content-type: text/html
x-amz-id-2: +QmKsW8qHFs9q0FceTVwF2/yYFHI5/vTfjbL9WoDM1YILkIkTfJzNK0RgjCXgAGTTf8kAgpnwuA=
x-amz-request-id: VH7HQTB0ZMAA929W
cache-control: public, max-age=0, s-maxage=1200
last-modified: Wed, 30 Jun 2021 06:48:58 GMT
cf-cache-status: REVALIDATED
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 676d26a55d9a4ece-FRA
content-encoding: gzip

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072801&jk=1157632325983166&bg=!enmleT3NAAals0SOpbM7ACkAdvg8WlMzV8FfxqdI2MebJLexRR34Sbb1ln3oiKoVMuAtre9GMbjSmwIAAABtUgAAAAxoAQcKAJ_XXjFyuUWwZX4bnT7DrkbC1d7o6TynAbqVLOTLVjxZ42Y3YZTnZO_4IaUxu2lwmS4pckjfb60Iyx-5Ef55QQ5g6zm8DRh_xCgC9bURQLAZt2l9u4TijkJg7zNFuxsJWS2eVDgZ-8IZ7UAyHN1aguYwRkqoyLYuhRDoNkBvI7P6oXCV--Tk7uvLU4u2dV6sWAQ7S0Kl-b8wH1CHCK-vQxKZAnTJldOeE52NfkGMxVYhI6WsULwGTzhPC813HL1rCcJRpGIQeM_vW3uk9wa63DYfbSMZQAPY4HlzgW2DQqHlfL-feYFrfguaPmaPFCfkHmQsxRKOyXn3Uoq4OhzDyDYZi7Gu42a4lkxH4kEtwzdrHlUPxxMRDdVP4-jmLc4oFUcAeANa5r0ubgyLvhELQNrUr1STovlROG5ZLbUy3RgmM-tSnodNP-yv487StqmeU1rI7--LaIdkDXnHUjs2QX9JVtblqbiiSyS8L-lRFOKUbd5RSEhaDxPl2R2TjMJ4-P9ofrkedRgCDHoXeoiTqvPRMRSuykRw1LKJKVKn1boxg7zEhcjmPHztmAQNy7YGWgaGWBQLlrcrQwNcbazy4PhG_1pn6vE4HIasA8Lx_jGuFUiikooZtIUUANn3KwqKTGMehkXjwSfFJ9jrjZo8fo8m-QCvxT1KTRLcsd3bl47TFai7ocfzxiyRfCflj6Uegz52r8nQgFxTmIEV7oXclg_eNwytlsmsVv8yWngj8YmnpsOTnR0e1EJzHlNSy2aFwiJByM2Ch_zrIDKw7ddGqi_kJQZ2gJwYaijGpXwbKgZyWhnv6OrlWdk_C4mebBIdgrDftFlrLdzcdDqwHr3Fteje6vJwWN7cFOv0-H5MT-YyrpHSAQpl5RhilfjN_2abggXebDraIlPoFya-KzZ1xOnJ5e5HbAteYHkDLpiI1YkfPslkHUIKTTVBtWvzuEvlW48i4-_0YhnZ2UbKJzhP0gH91mMa3gxGqVhGM__OwG72pKhAHybh1T7MaqKhDaXFCXzXTr6ogQo-SZINL1kbk4N-OZNJdlH1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 08:17:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fallback.gif
storage.bannernow.com/7GgEZ9OMlBJYV5EQ2E5yP0pWvb412Qd6nHnnHoI7mx/ Frame E0D2 12 KB
12 KB 238ms
238ms Image
image/gif 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.bannernow.com/7GgEZ9OMlBJYV5EQ2E5yP0pWvb412Qd6nHnnHoI7mx/fallback.gif
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/7GgEZ9OMlBJYV5EQ2E5yP0pWvb412Qd6nHnnHoI7mx/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4226e10d3997007b3aa0dc40c1b37967563cce7cbc2e3bb95f8ed3b3e7a860cb

Request headers

Referer: https://storage.bannernow.com/7GgEZ9OMlBJYV5EQ2E5yP0pWvb412Qd6nHnnHoI7mx/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:30 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 30 Jun 2021 06:49:00 GMT
server: cloudflare
x-amz-request-id: DX7DFKD1DP0APYR9
etag: "8b89123c8374ba507c1bb6ee14e40010"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=0, s-maxage=1200
accept-ranges: bytes
cf-ray: 676d26a6a8c74ece-FRA
content-length: 11939
x-amz-id-2: WMTkcrcMfQqbIaDboW8ntvlddUzODbHWYQFmuEWW1PZwsyPOJ4iYazcD034XtlpxqqwJIf+G1Y8=

GET
H2 200 tweenmax_1.18.5_23b0de6da0ee295131e32a500470610c_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E0D2 108 KB
36 KB 36ms
16ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.5_23b0de6da0ee295131e32a500470610c_min.js

Requested by

Host: storage.bannernow.com
URL: https://storage.bannernow.com/7GgEZ9OMlBJYV5EQ2E5yP0pWvb412Qd6nHnnHoI7mx/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97982680a892d29f743ce32b99fb340cc4a186769e56380998145868781f4ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36734
x-xss-protection: 0
last-modified: Fri, 03 Jun 2016 20:37:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jul 2021 08:17:30 GMT

GET
H2 200 bn_1.0.0.min.js Show response
storage.bannernow.com/resources/lib/ Frame E0D2 88 KB
25 KB 17ms
16ms Script
application/javascript 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/7GgEZ9OMlBJYV5EQ2E5yP0pWvb412Qd6nHnnHoI7mx/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d8f47ba3fc9f8abe199256c4a10e740350824da156811d038a795186e03985b

Request headers

Referer: https://storage.bannernow.com/7GgEZ9OMlBJYV5EQ2E5yP0pWvb412Qd6nHnnHoI7mx/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 11:14:47 GMT
server: cloudflare
age: 3141
etag: W/"8169d9965ac945c36744c4e170e8cc59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 676d26a6a8cc4ece-FRA
x-amz-request-id: G9S67KPWNYMS94N4
x-amz-id-2: Ko808/0AHlhV5Jg/JxUcxgos3srCmvYTx+sKaQPcXuLxqBVFg1/TiGlUqYFhs8azwJp5CJu6pvs=

GET
H2 200 pixel.png Show response
stats.bannernow.com/ Frame E0D2 95 B
737 B 187ms
152ms XHR
image/png 34.102.219.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.bannernow.com/pixel.png?user_id=usr_cjty5v088000uj6npz2pi4d8r&banner_id=bnr_ckqi44z5500gyi8mqll6vjdwi&bannerset_id=fdr_ckqi44z0z005bi8mquklcdkll&project_id=prj_cjty5v0d50014j6npiwwrfrw8&domain=www.34st.com
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.219.251 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 251.219.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:30 GMT
x-guploader-uploadid: ADPycdtKHRCYCkYvd05uSJXnh1EI3XS3rxIc86jNa6BcvD8hhrBeKd6hnfckvc6w3Mbgz6PwazVMuiRtjduOas9thyB23eNT8w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
x-goog-meta-expires: 0
alt-svc: clear
content-length: 95
x-goog-meta-pixel-region: US
last-modified: Sun, 04 Feb 2018 01:22:19 GMT
server: UploadServer
cache-control: no-cache, no-store, must-revalidate
etag: "9591c410148e6883727c5339fd1c02cd"
x-goog-hash: crc32c=vJqQig==, md5=lZHEEBSOaINyfFM5/RwCzQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1517707340066543
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-meta-pragma: no-cache
x-goog-stored-content-length: 95
accept-ranges: bytes
content-type: image/png
expires: Sat, 30 Jul 2022 08:17:30 GMT

GET
DATA 200
OK truncated
/ Frame E0D2 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 css
fonts.googleapis.com/ Frame E0D2 664 B
451 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400

Requested by

Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f492217356942753e3ae962475ec7ca6f0715adc04b49021d39401d83b72e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:15:12 GMT
server: ESF
date: Fri, 30 Jul 2021 08:17:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jul 2021 08:17:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E0D2 672 B
432 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:700

Requested by

Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c17e2ed4cd8b80956eac25d822740ba6028330f2a1738fdd4f77a8dda5eda3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:09:13 GMT
server: ESF
date: Fri, 30 Jul 2021 08:17:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jul 2021 08:17:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E0D2 672 B
433 B 21ms
21ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:900

Requested by

Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

783b19ce6e3caa738691d51adf23d6280c4046739a34a6e8cc4c16ec985a6c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:16:08 GMT
server: ESF
date: Fri, 30 Jul 2021 08:17:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jul 2021 08:17:30 GMT

GET
H2 200 /
icv.bannernow.com/ Frame E0D2 51 KB
51 KB 25ms
15ms Image
image/webp 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=857&h=444&x=center&y=center&q=100&type=webp&u=https%3A%2F%2Fstorage.bannernow.com%2F7GgEZ9OMlBJYV5EQ2E5yP0pWvb412Qd6nHnnHoI7mx%2Fckqj4bj46002kurmq1wtdvtpm.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b0b75c72000076c630f0ba8fa11b039369bafec56595146748ff849441fdd10

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:30 GMT
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 854940
x-amzn-requestid: 6db9f327-2baa-4cb1-8e2e-c9e7f298c150
x-thumbnailer-version: 1.2.23
x-cache: Miss from cloudfront
x-amz-apigw-id: Cw9_yFTSIAMFp0w=
content-length: 52182
server: cloudflare
x-amzn-trace-id: Root=1-60f6a9fe-6ca5d8bc5730a1d8603ec48a;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
cf-ray: 676d26a83c234ece-FRA
x-amz-cf-id: Zg0NpIXvGayH2vDubHj3oqYsbtiaOT-e8XTUjwbTdHE1wO_gDiYAtw==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
H2 200 /
icv.bannernow.com/ Frame E0D2 972 B
1 KB 28ms
19ms Image
image/webp 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=67&h=40&x=center&y=center&q=100&type=webp&u=https%3A%2F%2Fstorage.bannernow.com%2F7GgEZ9OMlBJYV5EQ2E5yP0pWvb412Qd6nHnnHoI7mx%2Fckqj4bj4d002uurmqjxc3pwe3.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb9ba91214ea0aa69dac8e5df2dd1c28428d239ecd82fa68c201981ef6ab4f44

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 08:17:30 GMT
via: 1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1353778
x-amzn-requestid: d3c2b0b6-ba0a-434b-b002-c1e9d600ba10
x-thumbnailer-version: 1.2.23
x-cache: Miss from cloudfront
x-amz-apigw-id: Cd8ITFHxoAMFzFw=
content-length: 972
server: cloudflare
x-amzn-trace-id: Root=1-60ef0d68-709f483772137e270d95bf4b;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 676d26a83c214ece-FRA
x-amz-cf-id: 3373jhHi4NFgXIXfUNuRPAf0PF51879Y09iOe_LiNIzoLsc7Gb3-xA==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame E0D2 23 KB
23 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://storage.bannernow.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:16:41 GMT
x-content-type-options: nosniff
age: 288049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:16:41 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame E0D2 22 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://storage.bannernow.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 08:34:22 GMT
x-content-type-options: nosniff
age: 258188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 08:34:22 GMT

GET
H3-29 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame E0D2 22 KB
22 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:900

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://storage.bannernow.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 04:01:05 GMT
x-content-type-options: nosniff
age: 274585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 04:01:05 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E519 42 B
174 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPbpM5oPxnVo3cnE_CxIyVmO0T3M8gTbnyr159C1N5S8EMvPfkhathptoprKKvdTSqoAXrPDI6hOX9lNqR3F6kt6dzyptzxwDpeiKm_ud11d9TMODo&sig=Cg0ArKJSzAcmpWxUB6QJEAE&id=lidar2&mcvt=1000&p=315,1285,565,1585&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210728&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=463008574&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627633049932&rpt=240&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 08:17:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5B58 42 B
64 B 23ms
22ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLbKPZlNW_zzZg92T5eSbrjR8ZkhLHlFQFGHs6lKoKNjEmYsSrGpTuYrRC2SCHvyqLWpTzVSwUkavOJU4cyW0aH29yZ4UcjSLJGTtpfKE8pGEWrNzK&sig=Cg0ArKJSzOB3aDyrB224EAE&id=lidar2&mcvt=1000&p=50,1285,300,1585&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210728&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1792969111&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627633049931&rpt=247&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 08:17:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F3E4 42 B
64 B 34ms
34ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBsVrHJkh0R5-AJMQ8gFvZiej4uoPcxbNs9Zhvu8PX7FRkHCtY9TdbU-6oF5w8Zoc6KGGb5pEkdzJ7GObWe3DJ8_-hhl_bCs0x4dkZNhAQWFUcrgN-yZcNJKJAPlEqqSLWxQ87Dj8rPt0wIrHc8w&sai=AMfl-YTmtYRD1ZgmsghsSdWgb8vTC3YVl-aZvHS0TqQUqVzE2KuLVDKekhNGzZ5KCq6xD2XBsUt1OIfXbJJL6Uk2J5BF_HmBL76psWtNzxz1ErOvY2zEcZkvXBbK6JCNs_sA&sig=Cg0ArKJSzMTo9X4rji4SEAE&id=ampim&o=286,70&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=184&tls=1184&g=100&h=100&tt=1184&r=v&avms=ampa&adk=1431065736

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.34st.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 08:17:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.34st.com/	1970-01-19 20:08:39	Name: _gid Value: GA1.2.87527423.1627633048
www.34st.com/	1970-01-19 20:08:39	Name: _dpn-34sceoInfo Value: %2BolUEI2k9VyzgzScvMf%2BY51%2Bwq6Pt9qV6G076qCphBzZ7nMii35LJgBhZhHvinyqfm%2FKlg%3D%3D
.34st.com/	1970-01-20 13:38:25	Name: _ga Value: GA1.2.467386749.1627633048
.34st.com/	1970-01-19 20:07:13	Name: _gat Value: 1
www.34st.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 08j9s3q0pt3up4gl89isca3i17

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.34st.com/b/e.js(Line 3) Message: Starting integration for dpn-34s
console-api	log	URL: https://www.34st.com/b/e.js(Line 4) Message: FP 49a0725e-0ca5-4597-a46b-dc244ed5aed5
console-api	log	URL: https://www.34st.com/b/e.js(Line 5) Message: REF https://www.34st.com/
console-api	log	URL: https://antifraudjs.friends2follow.com/sites/all/modules/friends2follow/dist/friends2follow_antifraud.min.js?v=20210720(Line 1) Message: Skipping WebGL fingerprinting because it is not supported in this browser
console-api	info	URL: https://cdn.ampproject.org/rtv/012107200040000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107200040000 https://www.34st.com/
console-api	log	URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js(Line 1) Message: fontsCustom [object Object]
console-api	log	URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js(Line 1) Message: Assets loading completed

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2d9680439a87e520be7b2d8b0c45d18c.safeframe.googlesyndication.com
antifraudjs.friends2follow.com
apis.google.com
cdn.ampproject.org
cdnjs.cloudflare.com
connect.facebook.net
d8es5520nmizf.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
icv.bannernow.com
image.issuu.com
p.typekit.net
pagead2.googlesyndication.com
platform.twitter.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
snworksceo.imgix.net
stats.bannernow.com
stats.g.doubleclick.net
storage.bannernow.com
syndication.twitter.com
thedp.friends2follow.com
tpc.googlesyndication.com
tracking.friends2follow.com
twemoji.maxcdn.com
us-central1-web-services-dp.cloudfunctions.net
use.typekit.net
www.34st.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.rtb123.com
104.244.42.136
13.224.89.51
142.250.184.226
185.33.221.50
2001:4860:4802:36::36
23.111.9.57
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:125e
2606:4700::6812:1cf8
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:800::200e
2a00:1450:4001:801::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:827::2006
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9b
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00::210:ba2a
2a03:2880:f02d:100:face:b00c:0:3
2a04:4e42:3::622
2a04:4e42:3::720
34.102.219.251
34.193.255.24
34.205.226.13
52.6.83.111
67.225.220.126
094aacfa9ba4bc89875aafdfe3b6712f533c28692ceee0ae56de95ae9b3893c6
0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d
13aebf2418a90a3a408fd528fcf45f90027657e5db7cd180312135b639da37c4
172ecde3db13e66cf99995d63de308e2d6e3fdeb1a99dfaeec136f4862eb1573
1a28c02ded40bfc952d32105b54395e3539851bdf74a4f7f695fb8f0119a25dd
1e35b2249a7a8ef3470321325033cc39469911e3da1dee745af84154e71a3bca
2a87af26c65bc923b9a0985fd6249bbc1ffcfdb208071d4fe8a12aa7b5d08430
2b0b75c72000076c630f0ba8fa11b039369bafec56595146748ff849441fdd10
2b40c9fadc5391a5071fd84efa7a1b22a6016d60c19710501a856da1ad59409f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ef6098b152764c985338092267e7207676c7040d8f12187c4a9b419f1d41e83
341d7b4e74f42968b54aa84bf48ba09079b105afd99981f16a360f3e33285240
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
35344c8fadf8cc7e65b9adc5e6f8a6ebaa48548dc006d8066052775b3e209310
35bd9d448b08e6146b89931bfac28ae83c5df33b88c92e1800652c222cab535c
36039c49dd465af4e67d029ca17f86bf1f51ac8f0550c934eac34e974ee33a5c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3ebd026647714647aaa1e9ce958a12670dee2ff940ac4b334d2d718f780400bf
3efaf715cb34d7b8f6fce10214e26cf47c8c701f618f8f7ded7b2e80e7697b24
40c40da873f020089892a3bc14286faf876b00f841893d51ba07c111db7c295e
412640f6199d6b01cf7a8b621d0edcccb49775de74e4dd430a210f9fbe2d9ad3
4226e10d3997007b3aa0dc40c1b37967563cce7cbc2e3bb95f8ed3b3e7a860cb
4592216ca0c1354735c9d85ebc2a90666fc547087f11e1cec9df4f206c5c62e4
45ba8d76da6207979feae30e72441a49ee8565d0bdbc8f8649c0f96290bd57e8
479789ebc7c7b79e6b0a3cd5769880403fedb19890b2c1a959cdd9a400f90db3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0a311aed2b30c3df26f73677b4a58473789659873d95f2ebdc48f6921b1aaf
4f492217356942753e3ae962475ec7ca6f0715adc04b49021d39401d83b72e5d
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4ffcd198554ff7c94d76cb678ae1a4cd8544e64a4b61d5c5eb563ef360ad061d
5665f8390a5ed541cbfd66da58c3212dd18a200dc62a0bd6096e9d9cfd3da9c7
56e15c9e3542a7457433e608f6180bf8877083db9c231bcfb137aa4a14fb1b53
5824b027afa06231b4a4a1fd0b3ca562f21f380bac42255713afa09e20529306
5958d755bef727ec3daec57f93d4b714c9a411b1e81bc1bff49779a9199c1094
5987eb61acb2a46f47850a9dd4a3cbfcee19512eddc0ec95c9a904313c0b01cb
5c1afcbf679b17da83efc7b9a760919b46ef8cc4e59fcfe13852eee9f7caa722
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
687527c208e57d54b463ece5fcaa194cd3292c4edb0d3408ffadd128804a124c
695be856611d9d209b70e4b7356594bd123af15d79843a3711289bf90e3525b1
6b4f1f72b78c93a6cdf32fbce758cc76e353e589296975f8491a265167cfdb0c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d4a0784c2c235c723466def715d53fd223024601c3c54bbc3944e27697b8b7d
6dccdb92ef025cb94a915e2371385bdaa577d821ee00e1492a3f07f597bbcb08
70a12c6c00f6fed722c0b46ad1ebb8a2c11c27121f3b8d65c254a9221965ed72
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7484f0ee133dfeafa2b6d3e932401a5bdea284f0e3542f744b815ce470d3bbdc
762dd25c58a7eac4dc6544abc73e20dacbe10cc8d4363776c4b7489ebbac5122
7727d977fa39f40c2d319f2aaa6d290f6fda454be7929c3f5370e04ab718292c
77da52330e387ed956c4d9a4aab9533d771baf594d71df17acc81ab43c1b36c4
783b19ce6e3caa738691d51adf23d6280c4046739a34a6e8cc4c16ec985a6c21
7a55fbb0fb94ea6ed9f0c1dcbca21e2b25263e908910b76723004db784786ed8
7ccb245308f9b91dc424715958420a2ced0d1d9dccb3335b1cda35167d9814fc
7cfe91cf9e016980de76d9aae9787b53d95062fb9e5ea9dc5cd1b3e2d471ff20
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80253e03166947ea180652f2fd0f4e77827ad8fee2072bfe5ed5b07c2f2a6c3c
81dc8f18ee8963fb2044f24d94196da40185e1387ccf9cfc46c3183594109868
849eb578891d83f8262c8eb06fe113ef6b0c2db18e8d48540aeb6d4b97f43bee
84aebe8a337f6d94b992a864b9e8fd60d63f1af6776528cb9e9710c75351424b
84d4a2dc02914908eb5d9449575cac928c8264f72e754c56ef3579f9b197a854
84f9c105c3b16ac4a510dae6e1f6271f201c3b17e19968e8a73c9c7cd630b32d
85dff621ce266a4ed39e36fc4ed2266ddde3ae98fc0f7f194d48c6220c012cfa
86c7c2bc430788caa234f609d0ca91019bf3ec179b6584c3c180ac488af32fd0
8bb747031d40ddfde060874627299f89f78981cca7e87a4f0e90572d72efe96d
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d8f47ba3fc9f8abe199256c4a10e740350824da156811d038a795186e03985b
97982680a892d29f743ce32b99fb340cc4a186769e56380998145868781f4ebe
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9c17e2ed4cd8b80956eac25d822740ba6028330f2a1738fdd4f77a8dda5eda3d
9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8
9ec0c64f115b1597b9058cb7774e56a240de29ad3cf40e75c2fb2c49fc5338a8
a0c3f2e5825816bcac42e686f0c3aa76e1aa566f71a437d8768702d4a3a45875
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a870f8c0efeb6e2f998fdf7dc1c4f9c074f7de696ea4043602e1677d1d34c062
a9cd1fc63e362d64be03d536cdd197bf2d56d6bce55a854d162247c934d022de
aa27f6140ef05882ffafa3a531f56d0222553e38477e037310a43c80b6e2391b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1e0c8c2c40ea98c7e79eca089a5dfe442bb1c8b4c60e2a74af63a45fc9858f5
b50fadf0848a8ad0115be0412bce0c1f998a0cdbdeb13b4aabb823d1e6bbc889
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
ba4dd3817b46f5d37c90b527e2affc1b950552cd5b6f4b5e722feb331a2728c0
c2e7ee024a4c0c1f1b9a701fbcd653ef96dbc8534105aee2e6facc93b5cf1184
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c858836ee0e39293f17b5e049f41b0c9eaef113038e1d253d4c58b77a914ed56
c8acd0684e2342428ad56e8085e491222c82fa7156b8c225704b4ed7edd108a1
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cb9ba91214ea0aa69dac8e5df2dd1c28428d239ecd82fa68c201981ef6ab4f44
d32a1ede8cc1a978b6fa17d24ed17d3e632901867a43c140d8fd1657e3fd2010
d51b5c14fd6455affd3baceb0d2015c532566645fd80f645260c803a8b0f1c57
d594142c8189dc0b472e4e6a493a5bfb513b5ec6afa4310c1d8296586ebe57ce
d7c3362896f0cabe428785201d6cabf1c779383725a06007ee134e8c7dc337a7
d9843ce1802136c3010b406c1463fce7db19f9900a7b47fa36e45cf020f4df22
d987eed73fafe2f6d7390243623f3547ddf7489c70f45c7949008bea05fe1b36
de71fa7acfd31b2b19a4ee556a3772b9c6fe285606ba65830037a3e0670c3bd5
df9695b05efd2e91c01ade4372fb2d2c8d44529215835c86e4b3912bceee673e
e157827ae082f67c8429ef20dd2a914e8391e72db67ddcf32baa2cfe5d44a447
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58f1cc5eaf947872132e193a2e81cbb3f30a764bb495ad29c1501c07a19d45f
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ec75f5f81f8d9976ae985ba86f53f9a069e44f1ee66bc3595f97801abf582b3f
eca48824a13b12bd6503bda806b0a66f2b0810fdc90796c0e763c3f934cee5a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7d38f67157f44fbfdc41521b667eebf961b4828bc7c474c61f9120b5e735ca
f660051d99613601209a3f52c728be1869db7ec2992a1ae2af25fc4da9e372e6
ff8c0d0e0bd1c1b1c15235e3629e1eb665f985e90a96bc614f9170575913b98d

www.34st.com Open in urlscan Pro 34.205.226.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

134 Requests

100 %HTTPS

69 %IPv6

24 Domains

34 Subdomains

33 IPs

4 Countries

2484 kBTransfer

4982 kBSize

5 Cookies

7 Outgoing links

Page URL History

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.34st.com Open in urlscan Pro
34.205.226.13 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

100 %
HTTPS

69 %
IPv6

24
Domains

34
Subdomains

33
IPs

4
Countries

2484 kB
Transfer

4982 kB
Size

5
Cookies

134 HTTP transactions
7 data transactions